On April 20, 2021, US-CERT issued an alert warning about an ongoing malicious campaign abusing vulnerable Pulse Connect Secure products to attack organizations across the US. The campaign broke forth in June 2020 and involved multiple security incidents affecting government agencies, critical infrastructure assets, and private sector organizations. Threat actors rely on a set of […]
Check Point Research’s Global Threat Index for March 2021 reveals that IcedID banking Trojan operators are entering the big game. Last month IcedID was included in the Index for the first time, at once taking second place right after the infamous Dridex. A surge in infections and notoriety is explained by the innovative delivery methods […]
Security researchers from FortiGuard Labs have uncovered a new FormBook variant being delivered in a massive phishing campaign. Particularly, adversaries target users with malware-laced Microsoft PowerPoint documents disguised as a follow-up to the recent purchase order. Those who fell for the bait of scammers got their devices infected with a notorious data-stealing malware. New FormBook […]
Security experts from Kaspersky Lab have uncovered a long-lasting cyber espionage operation launched by a Chinese nation-backed actor to target government and military institutions across Vietnam. The hacker group, known as Cycldek, APT27, GoblinPanda, and LuckyMouse, relied on a brand-new and highly evasive remote access Trojan to reach its malicious goal. The RAT, called FoundCore, […]
Experts from ESET have uncovered a new malicious sample leveraged by Lazarus APT to target an unnamed South African freight company. The malware, dubbed Vyveva, obtains impressive backdoor capabilities, which are used by the nation-backed actor for reconnaissance and cyber-espionage. Vyveva Backdoor Overview Vyveva is a custom threat applied by the North Korean state-sponsored group […]
On April 6, 2021, US-CERT issued an urgent alert warning about an ongoing malicious campaign that leverages old vulnerabilities in mission-critical SAP applications to target organizations worldwide. According to security experts, threat actors apply a variety of techniques, tactics, and procedures to target insecure instances. The successful attack might result in full system compromise, sensitive […]
Security analysts from Guardicore Labs have recently detected a new variant of the notorious Purple Fox rootkit, which now propagates as a worm across Windows machines. This latest malware upgrade results in a significant spike of Purple Fox infections, showing a 600% increase since spring 2020. This ongoing campaign relies heavily on port scanning and […]
Despite being patched for three years already, hackers reportedly rely on an old remote code execution vulnerability in Microsoft Office (CVE-2017-11882) to infect victims with malware. According to the threat analysis report from HP Bromium, the flaw accounts for nearly three-quarters of all exploits leveraged in Q4 2020. CVE-2017-11882 Description CVE-2017-11882 is a memory corruption […]
Security researchers are observing an ongoing malicious activity launched by the infamous Lazarus APT against Japanese organizations. Most of the infections follow the same routine and rely on VSingle and ValeforBeta malware samples. VSingle and ValeforBeta Analysis The latest inquiry by Shusei Tomonaga shows that VSingle malware acts as an HTTP bot designed to download […]
McAfee Advanced Threat Research (ATR) Strategic Intelligence team has uncovered a long-lasting cyber-espionage operation targeting major telecommunication providers worldwide. According to security researchers, Chinese nation-baked hackers have planted malware to the networks of multiple US, EU, and SouthEast Asian telecom firms to carry out reconnaissance and steal secret information linked to 5G technology. The malicious […]