Operation Sharpshooter Takes Aim at Global Critical Assets
Operation Sharpshooter uses a new implant to target mainly English-speaking nuclear, defense, energy and financial companies. Source: www.threatpost.com
Backdoor
Shining a Light on a New Technique for Stealth Persistence
Researchers devise post-intrusion attack that use existing system binaries to achieve arbitrary code execution to maintain stealth and persistence. Source: https://threatpost.com
Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
Russian-speaking Turla has also racked up more victims in its latest APT campaign. Source: https://threatpost.com
Philips Vulnerability Exposes Sensitive Cardiac Patient Information
The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose. Source: https://threatpost.com
FELIXROOT Backdoor Resurfaces in Environmental Spam Campaign
This backdoor can be used for espionage and for dropping additional malware. Source: https://threatpost.com
RIG EK Still Makes Waves, This Time with a Stealthy Backdoor
The main purpose of Grobios malware is to help attacker establish a strong, persistent foothold in a victim’s system, in order to drop additional payloads later. Source: www.threatpost.com
PyRoMine Uses NSA Exploit for Monero Mining and Backdoors
Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks. Source: https://threatpost.com
Orangeworm Mounts Espionage Campaign Against Healthcare
A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s unlikely to be related to nation-state actors. Researchers first found Orangeworm in the form of an interesting binary in 2016, and […] Source: https://threatpost.com
Google Detects and Boots Tizi Spyware Off Google Play
Google discovered a spyware app that uses nearly a dozen old vulnerabilities to root devices and steal sensitive data from social media applications. Source: www.threatpost.com
Inside the CCleaner Backdoor Attack
Two members of Avast’s threat intelligence team shared new information about the CCleaner backdoor attack. Source: https://threatpost.com