SYS01 stealer targets critical government infrastructure

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. Cybersecurity researchers from Morphisec discovered a new, advanced information stealer, dubbed SYS01 stealer, that since November 2022 was employed in attacks aimed at critical government infrastructure employees, manufacturing companies, and other sectors. The experts found similarities between the SYS01 stealer and another […]

The post SYS01 stealer targets critical government infrastructure appeared first on Security Affairs.

Chinese Sharp Panda Group Unleashes SoulSearcher Malware

By Waqas
Currently, in its cyber espionage campaign, Sharp Panda hackers are targeting government entities in Asia.
This is a post from HackRead.com Read the original post: Chinese Sharp Panda Group Unleashes SoulSearcher Malware

CrowdStrike: Attackers focusing on cloud exploits, data theft

CrowdStrike’s new threat report sees a big increase in data theft activity, as attackers move away from ransomware and other malware attacks, as defense gets better, and the value of data increases.
The post CrowdStrike: Attackers focusing on cloud exp…

Top members of DoppelPaymer Ransomware gang arrested

By Deeba Ahmed
Authorities have arrested two suspected members of the DoppelPaymer ransomware gang in Germany and Ukraine, believed to be high-value members of the cybercrime syndicate.
This is a post from HackRead.com Read the original post: Top membe…

European police dismantled the DoppelPaymer ransomware gang

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group. “On 28 February 2023, the German […]

The post European police dismantled the DoppelPaymer ransomware gang appeared first on Security Affairs.

Business-grade routers compromised in low-key attack campaign

An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed HiatusRAT) and a packet capturing program. “The impacted models are high-band…

Colour-Blind, a fully featured info stealer and RAT in PyPI

Experts discovered a fully featured information stealer, tracked as ‘Colour-Blind’ in the Python Package Index (PyPI). Researchers from Kroll’s Cyber Threat Intelligence team discovered a malicious Python package uploaded to the Python Package Index (PyPI) that contained a fully-featured information stealer and remote access trojan tracked as Colour-Blind. Below is the list of capabilities supported […]

The post Colour-Blind, a fully featured info stealer and RAT in PyPI appeared first on Security Affairs.

MQsTTang – Chinese Hackers Using Custom Malware To Evade AV Detection

In a recent analysis, MQsTTang, a newly designed custom backdoor, has been scrutinized by ESET researchers. After a thorough investigation, the source of this malware has been attributed to the infamous Mustang Panda APT group by the experts. Tracing b…