Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. “The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials,” the Symantec Threat Hunter Team, part of Broadcom, said in[…]
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it’s aware of four different distribution methods — namely VBA dropper, VBA downloader, link downloader, and executable downloader — with some of them[…]
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). “Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,” cybersecurity firm eSentire said in a new report. “In April 2024, we observed[…]
Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favour of more advanced alternatives such as JavaScript and PowerShell. “Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as JavaScript and PowerShell,” Microsoft Program Manager Naveen Shankar said.[…]
Most organisations depend on suppliers to deliver services, systems and products. You probably have several suppliers; it is how we do business. Supply chains can be large and complex, involving many suppliers doing many different things. Effectively securing the supply chain can be hard because vulnerabilities can be inherent or introduced and exploited at any[…]
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user’s device[…]
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two months alone, Sucuri said in a report[…]