Cyware Alerts - Hacker News
New Malware Strains Pop Up in Threat Landscape
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_316764488.jpg "New Malware Strains Pop Up in Threat Landscape - Cybersecurity news")
Quorum Cyber Incident Response team recently identified a new malware called SharpRhino utilized by the threat actor group Hunters International during a ransomware incident. The malware, written in C#, was distributed through a typosquatting domain posing as Angry IP Scanner.
Vulnerabilities in CocoaPods: The Achilles' Heel of the Apple App Ecosystem
/https://cyware-ent.s3.amazonaws.com/image_bank/86da_Shutterstock_2382321587.jpg "Vulnerabilities in CocoaPods: The Achilles' Heel of the Apple App Ecosystem - Cybersecurity news")
Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the soft ... Read More
Ink Trails by LilacSquid: PurpleInk, InkBox, and InkLoader
/https://cyware-ent.s3.amazonaws.com/image_bank/eff0_shutterstock_669652948.jpg "Ink Trails by LilacSquid: PurpleInk, InkBox, and InkLoader - Cybersecurity news")
Cisco Talos has revealed a new suspected data theft campaign, active since at least 2021, attributed to an APT actor named LilacSquid. It targets a diverse range of victims, including IT organizations developing software for research and industrial sectors in the U.S., energy sector organizations i ... Read More
Earth Krahang APT Targets Organizations Worldwide
/https://cyware-ent.s3.amazonaws.com/image_bank/22d0_shutterstock_659861572.jpg "Earth Krahang APT Targets Organizations Worldwide - Cybersecurity news")
An Earth Krahang APT campaign has been found targeting government entities worldwide, primarily in Southeast Asia, by exploiting vulnerabilities, spear-phishing, and abusing compromised government infrastructure. So far, seventy organizations spread across 23 countries have been targeted in the cam ... Read More
DarkGate Campaign Leverages Windows SmartScreen Bypass Flaw
/https://cyware-ent.s3.amazonaws.com/image_bank/46bc_shutterstock_680075185.jpg "DarkGate Campaign Leverages Windows SmartScreen Bypass Flaw - Cybersecurity news")
The DarkGate malware operation launched a new wave of attacks exploiting a recently patched Windows Defender SmartScreen vulnerability (CVE-2024-21412). Trend Micro analysts have reported that DarkGate operators are leveraging this vulnerability to enhance their malware distribution efforts, target ... Read More
Magnet Goblin Exploits 1-Day Bugs, Deploys Nerbian RAT
/https://cyware-ent.s3.amazonaws.com/image_bank/58d1_shutterstock_1214099371.jpg "Magnet Goblin Exploits 1-Day Bugs, Deploys Nerbian RAT - Cybersecurity news")
The threat actor group Magnet Goblin is rapidly exploiting newly disclosed vulnerabilities to target public-facing servers and edge devices, warned Check Point. This particular instance was an Ivanti Connect Secure exploitation campaign that resulted in the deployment of a Linux version of a ma ... Read More
Kimsuky Exploits ScreenConnect Bugs, Drops ToddlerShark
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_432177085.jpg "Kimsuky Exploits ScreenConnect Bugs, Drops ToddlerShark - Cybersecurity news")
The North Korea-based Kimsuky APT is abusing ScreenConnect bugs, CVE-2024-1708 and CVE-2024-1709, to propagate a new malware called ToddleShark. ToddlerShark uses polymorphic traits, legitimate Microsoft binaries, and registry modifications to establish persistence and gather sensitive information ... Read More
UAC-0184 Targets Ukrainian Entity in Finland with Remcos RAT
/https://cyware-ent.s3.amazonaws.com/image_bank/d668_shutterstock_626399252.jpg "UAC-0184 Targets Ukrainian Entity in Finland with Remcos RAT - Cybersecurity news")
Morphisec found that the UAC-0184 threat actor used steganography to deliver the Remcos RAT via the IDAT Loader, targeting a Ukrainian entity in Finland. The incident comes a few weeks after ASEC discovered that Remcos RAT is being distributed disguised as adult games through webhards. Re ... Read More
Linux Malware ‘Migo’ Targets Redis for Cryptojacking Attacks
/https://cyware-ent.s3.amazonaws.com/image_bank/cda3_shutterstock_2264903291.jpg "Linux Malware ‘Migo’ Targets Redis for Cryptojacking Attacks - Cybersecurity news")
Researchers spotted a new Migo malware targeting Redis servers to mine cryptocurrency and utilizing system-weakening commands to disable security features. Migo is distributed as a Golang ELF binary, with compile-time obfuscation and the ability to persist on Linux hosts. Organizations are expected ... Read More
Charming Kitten Uses BASICSTAR Against Middle East Policy Experts
/https://cyware-ent.s3.amazonaws.com/image_bank/e6ec_Shutterstock_1810431838.jpg "Charming Kitten Uses BASICSTAR Against Middle East Policy Experts - Cybersecurity news")
Iranian-origin threat group Charming Kitten has launched an espionage campaign targeting Middle East policy experts using malware such as BASICSTAR and KORKULOADER, capable of executing remote commands and displaying decoy PDF files. Some phishing attacks dropped customized backdoors, POWERLESS for ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
