Smoke and (screen) mirrors: A strange signed backdoor
Credit to Author: Matt Wixey| Date: Tue, 09 Apr 2024 19:08:05 +0000
Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely
Read morebackdoor
Coldriver threat group targets high-ranking officials to obtain credentials
Russian state-sponsored actor Coldriver uses spear phishing attacks ti install the Spica backdoor on their victim’s system
Read moreMalware authors join forces and target organisations with Domino Backdoor
Categories: News Tags: domino Tags: loader Tags: backdoor Tags: malware Tags: ransomware Tags: emotet Tags: network Tags: corporate Tags: business Tags: organisation Tags: data Tags: theft Tags: steal Tags: banking Tags: trojan We take a look at a malware collective pushing a set of Domino malware files. |
The post Malware authors join forces and target organisations with Domino Backdoor appeared first on Malwarebytes Labs.
Read moreVisitors of tax return e-file service may have downloaded malware
Categories: News Categories: Scams Tags: tax scams Tags: efile.com Tags: US tax 2023 Tags: backdoor Tags: Trojan Tags: Johannes Ullrich Tags: MalwareHunterTeam Tags: /u/SaltyPotter Tags: fake network error notification Cybercriminals have compromised eFile.com to host malicious code that allows for the download of Trojans. |
The post Visitors of tax return e-file service may have downloaded malware appeared first on Malwarebytes Labs.
Read moreTimely patching is good, but sometimes it’s not enough
Categories: News Categories: Ransomware Tags: Lorenz Tags: ransomware Tags: CVE-2022-29499 Tags: Mitel Tags: backdoor Tags: web shell A recent case-study showed once again that timely patching is important, but it’s not a silver bullet for stopping ransomware. |
The post Timely patching is good, but sometimes it’s not enough appeared first on Malwarebytes Labs.
Read moreMalware targets 30 unpatched WordPress plugins
Categories: News Tags: WordPress Tags: exploit Tags: vulnerability Tags: plugin Tags: theme Tags: update Tags: linux malware Tags: backdoor It’s time to check your website is up to date. |
The post Malware targets 30 unpatched WordPress plugins appeared first on Malwarebytes Labs.
Read moreA week in security (July 25 – July 31)
Categories: A week in security Tags: backdoor Tags: blog recap Tags: bytedance Tags: cookies Tags: data breach Tags: Google Tags: linux Tags: microsoft Tags: ransomware Tags: SQL injection Tags: T-Mobile Tags: tiktok Tags: Uber Tags: week in security The most important and interesting computer security stories from the last week. |
The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.
Read moreA week in security (July 25 – July 31)
Credit to Author: Malwarebytes Labs| Date: Mon, 01 Aug 2022 09:51:04 +0000
The most important and interesting computer security stories from the last week.
The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.
Read moreIIS extensions are on the rise as backdoors to servers
Credit to Author: Pieter Arntz| Date: Wed, 27 Jul 2022 13:58:06 +0000
The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers.
The post IIS extensions are on the rise as backdoors to servers appeared first on Malwarebytes Labs.
Read moreAPT34 targets Jordan Government using new Saitama backdoor
Credit to Author: Threat Intelligence Team| Date: Tue, 10 May 2022 20:49:30 +0000
On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained a malicious Excel document that drops a new backdoor named Saitama. Following our investigation, we were able to attribute this attack to the known Iranian Actor APT34. Also known as OilRig/COBALT GYPSY/IRN2/HELIX KITTEN, APT34 is…
The post APT34 targets Jordan Government using new Saitama backdoor appeared first on Malwarebytes Labs.
Read more