breaking news

Pegasus spyware used to spy on a Polish mayor

GlobalDefenseBot
2 minutes

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents. The news of the hack was […]

The post Pegasus spyware used to spy on a Polish mayor appeared first on Security Affairs.

Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities

CySecBot
1 minute

By Deeba Ahmed
The new MQTTang backdoor is capable of evading detection, making it an even bigger threat to victims.
This is a post from HackRead.com Read the original post: Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities

breaking news

MQsTTang, a new backdoor used by Mustang Panda APT against European entities

GlobalDefenseBot
3 minutes

China-Linked Mustang Panda APT employed MQsTTang backdoor as part of an ongoing campaign targeting European entities. China-linked Mustang Panda APT group has been observed using a new backdoor, called MQsTTang, in attacks aimed at European entities. The hacking campaign began in January 2023, ESET researchers pointed out that the custom backdoor MQsTTang is not based on existing families […]

The post MQsTTang, a new backdoor used by Mustang Panda APT against European entities appeared first on Security Affairs.

breaking news

The U.S. CISA and FBI warn of Royal ransomware operation

GlobalDefenseBot
3 minutes

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. Unlike other ransomware operations, Royal doesn’t offer Ransomware-as-a-Service, it appears to be a private group without […]

The post The U.S. CISA and FBI warn of Royal ransomware operation appeared first on Security Affairs.

breaking news

Retailer WH Smith discloses data breach after a cyberattack

GlobalDefenseBot
2 minutes

Retailer WH Smith disclosed a data breach following a cyber attack, threat actors had access to access company data. Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current and former employees. The company immediately launched an investigation into the incident with the help […]

The post Retailer WH Smith discloses data breach after a cyberattack appeared first on Security Affairs.

breaking news

Cryptojacking campaign targets insecure deployments of Redis servers

GlobalDefenseBot
3 minutes

Researchers from Cado Security discovered a cryptojacking campaign targeting misconfigured Redis database servers. Cado Labs researchers recently discovered a new cryptojacking campaign targeting insecure deployments of Redis database servers. Threat actors behind this campaign used the free and open source command line file transfer service transfer.sh. The attackers likely used the legitimate transfer.sh service is an attempt […]

The post Cryptojacking campaign targets insecure deployments of Redis servers appeared first on Security Affairs.

Malware Families CheatSheet

CySecBot
1 minute

During talks and presentations people often ask me how do I remember so many names, different “artifacts” (a.k.a Malware) and groups. I actually ended up with a “hemmm … well… actually I just remember them since I read and write a lot about cyber threats”. So here it comes the Malware Family CheatSheet. This work […]

Attackers increasingly using transfer.sh to host malicious code

CySecBot
1 minute

For many years now, unsecured internet-facing Redis servers have been steadily getting co-opted by criminals to mine cryptocurrency, so the latest cryptojacking campaign spotted by Cado Labs researcher cannot be considered news. But one its elements po…

breaking news

Threat actors target law firms with GootLoader and SocGholish malware

GlobalDefenseBot
3 minutes

Cyber criminals are targeting law firms with GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire have foiled 10 cyberattacks targeting six different law firms throughout January and February of 2023. The firms were targeted as part of two distinct campaigns aimed at distributing GootLoader and FakeUpdates (aka SocGholish) malware. “The attacks emanated from two separate threat […]

The post Threat actors target law firms with GootLoader and SocGholish malware appeared first on Security Affairs.