S3 Ep136: Navigating a manic malware maelstrom
Latest episode – listen now. Full transcript inside…
In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […]
US CISA recently issued an alert, warning Samsung users about an ASLR bypass flaw being…
Samsung ASLR Bypass Flaw Is Actively Exploited – Warns CISA on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.
North Korea-linked APT group Lazarus has been targeting vulnerable Microsoft IIS servers to deploy malware. AhnLab Security Emergency Response Center (ASEC) researchers reported that the Lazarus APT Group is targeting vulnerable versions of Microsoft IIS servers in a recent wave of malware-based attacks. Once they discover a vulnerable IIS server, the attackers leverage the DLL side-loading […]
The post North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware appeared first on Security Affairs.
Antivirus products continuously advance to combat evolving threats, prompting malware developers to create new bypassing techniques like “packing” and “crypting.” GuLoader is a notable service employed by cybercriminals to avoid…
Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. ClearSky Cyber Security uncovered a watering hole attack on at least eight Israeli websites belonging to shipping, logistics, and financial services companies and attributed them with low confidence to the Iran-linked APT group Tortoiseshell (aka TA456 or Imperial […]
The post Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites appeared first on Security Affairs.
Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk of drive-by attacks.
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of its predecessor, with a continued emphasis on exploiting PHP web application…
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existenc…
ESET found a new remote access trojan (RAT), dubbed AhRat, on the Google Play Store that was concealed in an Android screen recording app. ESET researchers have discovered an Android app on Google Play that was hiding a new remote access trojan (RAT) dubbed AhRat. The app, named iRecorder – Screen Recorder, has more than […]
The post AhRat Android RAT was concealed in iRecorder app in Google Play appeared first on Security Affairs.