Through strategies like polymorphic code, which continuously alters its appearance to prevent detection, as well as employing encryption and obfuscation to disguise its actions, malware is getting more complex and sneaky. Additionally, to infiltrate sy…
Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft help files (.chm) to deliver the malware.
Healthcare has been one of the primary industries targeted by threat actors as part of every malware or ransomware campaign. Many Advanced Persistent Threat (APT) actors are from China due to political reasons between China and the United States. These…
Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website spoofing Bitwarden’s legitimate one (located at bitwariden[.]com) has been offer…
Cybersecurity analysts at NSFOCUS Security Labs recently uncovered an unknown phishing-based attack process during threat-hunting. Apart from this, during their further investigation, they identified two new Trojans and rare attack methods. NSFOC…
This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat. Below […]
The post The Rhysida ransomware group hit the Kuwait Ministry of Finance appeared first on Security Affairs.
UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East.
The post UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor appeared first on …
A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play […]
The post Xenomorph malware is back after months of hiatus and expands the list of targets appeared first on Security Affairs.
EvilBamboo, formerly known as “Evil Eye,” has been found to target Tibetan, Uyghur, and Taiwanese organizations and individuals. This threat actor was mentioned as conducting custom Android malware campaigns in September 2019. In April 2020, EvilBamboo…
A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities and CERT-UA attributed it […]
The post A phishing campaign targets Ukrainian military entities with drone manual lures appeared first on Security Affairs.