North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

03/10/2024 0 Comments 0 tags

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

03/10/2024 0 Comments 0 tags

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

03/10/2024 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV)

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

02/10/2024 0 Comments 0 tags

A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play

02/10/2024 0 Comments 0 tags

A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB.

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

02/10/2024 0 Comments 0 tags

A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

02/10/2024 0 Comments 0 tags

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

02/10/2024 0 Comments 0 tags

A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

02/10/2024 0 Comments 0 tags

Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the

5 Must-Have Tools for Effective Dynamic Malware Analysis

02/10/2024 0 Comments 0 tags

Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor