backdoor
Aerospace employees targeted with malicious “dream job” offers
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers …
North Korean hackers employ new tactics to compromise crypto-related businesses
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, …
Beware of phishing emails delivering backdoored Linux VMs!
Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered. …
FIN7 sells improved EDR killer tool
The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, …
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …
Ebury botnet compromises 400,000+ Linux servers
ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of …
MITRE breach details reveal attackers’ successes and failures
MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023. On that day, the …
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …
XZ Utils backdoor update: Which Linux distros are affected and what can you do?
UPDATE: April 9, 09:23 AM ET A new story has been published: XZ Utils backdoor: Detection tools, scripts, rules The news that XZ Utils, a compression utility present in most …
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
UPDATE: April 9, 09:23 AM ET Two stories have been published since this initial release: Which Linux distros are affected and what can you do? XZ Utils backdoor: Detection …
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among …
Featured news
Resources
Don't miss
- Maximum severity Cisco ISE vulnerabilities exploited by attackers
- Phishing campaign targets U.S. Department of Education’s G5 portal
- Cervantes: Open-source, collaborative platform for pentesters and red teams
- Phishing simulations: What works and what doesn’t
- Ports are getting smarter and more hackable