Attackers continue to target VMware Horizon servers, which many organizations use to securely access enterprise apps for remote workers. Attackers are exploiting the critical Apache Log4j remote code execution vulnerability that came to the fore in December 2021. Sophos researchers…
Latest posts - Page 67
Malware affects computers with cryptocurrency miners
An unknown threat actor has been employing a “complex and powerful” malware loader for deploying cryptocurrency miners on affected systems and possibly allowing the theft of Discord tokens. “The evidence found on victim networks appears to indicate that the…
FatalRAT’s new variant used by Purple Fox malware operators
Purple Fox malware operators have expanded their malware arsenal and now possess a new variant of the remote access trojan FatalRAT. At the same time, the operators have improved their evasive capabilities to bypass security software. “Users’ machines are…
Attacks targeting Android and iPhone users for stealing cryptocurrency uncovered
Researchers have uncovered a malicious scheme mainly directed towards Chinese users via fake apps on Android and iOS that resemble genuine digital wallet services to steal cryptocurrency funds. “These malicious apps were able to steal victims’ secret seed phrases by…
Azure developers targeted by more than 200 NPM malicious packages
A new massive supply chain attack targeting Azure developers for stealing personal information has deployed more than 218 malicious NPM packages. “After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire…
BitRAT Spreads as Windows 10 license activator over the Internet as a cheap and elusive
Analysts from AhnLab, a company specializing in cybersecurity, revealed the spread of a new but already known virus called BitRAT. What is BitRAT? BitRAT, a malware classified as a Remote Access Trojan (RAT), is being distributed to users looking to…
A New Backdoor and a Unique Attack Chain – Slithering Serpent
A new email campaign attacking French entities uses a highly evasive attack chain. The phishing campaign is installing a new backdoor named Serpent. Initial details The sophisticated threat actor is leveraging a unique amalgamation of open-source software, which is a…
Botnet Malware jeopardises over 2,00,000 MikroTik routers
MikroTik’s vulnerable routers have been used in one of the largest botnet-as-a-service cybercrime operations, according to cybersecurity researchers. Avast published a new piece of research that states a cryptocurrency mining attack using the now-disrupted Glupteba botnet and the infamous TrickBot…
New Browser-in-the-Browser (BitB) Attack Makes Phishing Nearly Undetectable
Can web browsers protect us, even when a site uses HTTPS? Maybe yes, but not against the novel BitB attack, which deceives us with a fake popup SSO window to phish the credentials for Google, Facebook, and Microsoft. Before clicking willy-nilly on…
Gh0stCringe Targets Weakly Configured Microsoft SQL, MySQL Servers
Researchers have identified that the actors behind the Gh0stCringe remote access trojan are targeting Microsoft SQL and MySQL database servers. Gh0stCringe, which is thought to have been active since 2018, is a known variant of Gh0st RAT malware. A recent report…