CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.
9-Year-Old NPM Crypto Package Hijacked for Information Theft
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.
The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe.
The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek.
Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub)
The post Russian Ransomware Gang Exploited Windows Zero-Day Before Patch appeared first on SecurityWeek.
AMTSO Releases Sandbox Evaluation Framework
AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions.
The post AMTSO Releases Sandbox Evaluation Framework appeared first on SecurityWeek.
macOS Users Warned of New Versions of ReaderUpdate Malware
macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages.
The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek.
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.
The post Chinese APT Weaver Ant Targeting Telecom Providers in Asia appeared first on SecurityWeek.
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.
The post Medusa Ransomware Uses Malicious Driver to Disable Security Tools appeared first on SecurityWeek.
300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads
Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.
The post 300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads appeared first on SecurityWeek.
Chinese Hacking Group MirrorFace Targeting Europe
Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.
The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek.