The SYS01 infection chain uses DLL sideloading to steal information. Learn how to protect your business from this cybersecurity threat.
The post SYS01 stealer targets Facebook business accounts and browser credentials appeared first on TechRepublic.
Researchers reported that Dark Pink APT employed a malware dubbed KamiKakaBot against Southeast Asian targets. In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asia countries. The activity of the group was first detailed by Group-IB […]
The post Dark Pink APT targets Govt entities in South Asia appeared first on Security Affairs.
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. PlugX malware delivered by exploiting flaws in Chinese programs Prometei botnet evolves and infected +10,000 […]
The post Security Affairs newsletter Round 410 by Pierluigi Paganini appeared first on Security Affairs.
Researchers observed threat actors deploying PlugX malware by exploiting flaws in Chinese remote control programs Sunlogin and Awesun. Researchers at ASEC (AhnLab Security Emergency response Center) observed threat actors deploying the PlugX malware by exploiting vulnerabilities in the Chinese remote control software Sunlogin and Awesun. Sunlogin RCE vulnerability (CNVD-2022-10270 / CNVD-2022-03672) is known to be […]
The post PlugX malware delivered by exploiting flaws in Chinese programs appeared first on Security Affairs.
A new version of the Prometei botnet has infected more than 10,000 systems worldwide since November 2022, experts warn. Cisco Talos researchers reported that the Prometei botnet has infected more than 10,000 systems worldwide since November 2022. The crypto-mining botnet has a modular structure and employs multiple techniques to infect systems and evade detection. The Prometei botnet […]
The post Prometei botnet evolves and infected +10,000 systems since November 2022 appeared first on Security Affairs.
Researchers have discovered a Golang-based malware known as GoBruteforcer. This malware has been detected to be targeting web servers using phpMyAdmin, FTP, MySQL and Postgres to bring devices together in a botnet. Golang-based malware uses brute-force…
By Habiba Rashid
The alleged administrator of the website selling NetWire malware has been arrested in Croatia.
This is a post from HackRead.com Read the original post: NetWire Malware Site and Server Seized, Admin Arrested
An international law enforcement operation seized the infrastructure associated with the NetWire RAT and resulted in the arrest of its administrator. A coordinated international law enforcement operation resulted in the seizure of the infrastructure associated with the NetWire RAT, the police also arrested its administrator. Law enforcement seized the website www.worldwiredlabs[.]com and its alleged administrator, […]
The post Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man appeared first on Security Affairs.
HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. The malware, dubbed “BlackMamba,” is the latest example of exploits that can evade even the most sophisticated cybersecurity products. While […]
The post BlackMamba PoC Malware Uses AI to Avoid Detection appeared first on eSecurityPlanet.
A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store […]
The post Latest version of Xenomorph Android malware targets 400 banks appeared first on Security Affairs.