Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware

Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new variant of the RustBucket Apple macOS malware. In April, the security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket. The group BlueNoroff is considered a group that […]

The post Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware appeared first on Security Affairs.

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company (TSMC) and demanded a $70 million ransom. TSMC is the world’s biggest contract manufacturer of chips for tech giants, including Apple and Qualcomm Inc. As reported by BleepingComputer, on Wednesday, […]

The post LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC appeared first on Security Affairs.

Avast released a free decryptor for the Windows version of the Akira ransomware

Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. The Akira ransomware has been active since March 2023, the threat […]

The post Avast released a free decryptor for the Windows version of the Akira ransomware appeared first on Security Affairs.

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. The Iran-linked Charming Kitten group (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]

The post Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor appeared first on Security Affairs.

GuLoader Malware is Attacking Law Firms Using Weaponized PDF File

The cybersecurity researchers at Morphisec Labs have been tracking the GuLoader campaign since April of this year and found that it has been actively targeting the law firms that are based in the US along with several other sectors like:- For more than…

North Korea-linked Andariel APT used a new malware named EarlyRat last year

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015 and was involved in several attacks attributed to the North Korean government. The […]

The post North Korea-linked Andariel APT used a new malware named EarlyRat last year appeared first on Security Affairs.

Andariel Hackers Leverage EarlyRat Malware To Run Hacking Campaigns

Andariel, a threat actor group based in North Korea, has leveraged the EarlyRat malware to conduct phishing campaigns. EarlyRat is a malware that has not been previously documented. The malware adds to the number of tools that are being used by this th…