Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthily exfiltrate data. Stealth Falcon is a nation-state actor active […]

The post Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data appeared first on Security Affairs.

September 10, 2019

FIN6 recently expanded operations to target eCommerce sites

According to researchers at IBM X-Force Incident Response and Intelligence Services (IRIS), the financially motivated hacking group FIN6 is switching tactics, moving from PoS attacks to hacking e-commerce websites. The FIN6 group has been active since 2015, […]

The post FIN6 recently expanded operations to target eCommerce sites appeared first on Security Affairs.

August 31, 2019

Agent 1433: remote attack on Microsoft SQL Server

All over the world, companies large and small use Microsoft SQL Server for database management. Highly popular yet insufficiently protected, this DBMS is a target of choice for hacking. One of the most common attacks on Microsoft SQL Server, the remote attack based on malicious jobs, has been around for a long time, but it is still used to get access to workstations through a less-than-strong administrator password. Attempted…

August 22, 2019

China-linked APT41 group targets US-Based Research University

Security experts at FireEye observed the Chinese APT41 group targeting a web server at a U.S.-based research university. APT41 has been active since at least 2012; it was involved in both state-sponsored espionage campaigns and financially motivated attacks […]

The post China-linked APT41 group targets US-Based Research University appeared first on Security Affairs.

August 21, 2019

Backdoored Webmin versions were available for download for over a year

Webmin, the popular open-source web-based interface for Unix administration, contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration on Linux and Unix. It allows users to set up user accounts, Apache, DNS, file sharing and much more from a web browser. News of the day […]

The post Backdoored Webmin versions were available for download for over a year appeared first on Security Affairs.

August 20, 2019