Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country since at least 2021. “The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials,” the Symantec Threat Hunter Team, part of Broadcom, said in[…]

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it’s aware of four different distribution methods — namely VBA dropper, VBA downloader, link downloader, and executable downloader — with some of them[…]

BitRAT and Lumma Stealer Malware Delivered via Fake Browser Updates

Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). “Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,” cybersecurity firm eSentire said in a new report. “In April 2024, we observed[…]

VBScript Phased Out by Microsoft for JavaScript and PowerShell

Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favour of more advanced alternatives such as JavaScript and PowerShell. “Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as JavaScript and PowerShell,” Microsoft Program Manager Naveen Shankar said.[…]

Supply Chain Security

Most organisations depend on suppliers to deliver services, systems and products. You probably have several suppliers; it is how we do business. Supply chains can be large and complex, involving many suppliers doing many different things. Effectively securing the supply chain can be hard because vulnerabilities can be inherent or introduced and exploited at any[…]

VPN Applications Secretly Turning Android Phones into Proxies for Cyber Criminals

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user’s device[…]