Security News

N. Korea's Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
2023-12-08 13:33

The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors...

Fake WordPress security advisory pushes backdoor plugin
2023-12-04 17:19

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. The emails pretend to be from WordPress, warning that a new critical remote code execution flaw in the platform was detected on the admin's site, urging them to download and install a plugin that allegedly addresses the security issue.

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
2023-12-02 08:29

Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the...

Hackers use new Agent Raccoon malware to backdoor US targets
2023-12-01 19:15

A novel malware named 'Agent Raccoon' is being used in cyberattacks against organizations in the United States, the Middle East, and Africa. Agent Raccoon is a.NET malware disguised as a Google Update or Microsoft OneDrive Updater that leverages the DNS protocol to establish a covert communication channel with the attackers' C2 infrastructure.

New Rust-based SysJoker backdoor linked to Hamas hackers
2023-11-26 15:09

A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language. Examination of the new Rust-based variants by Check Point has established a connection between the previously unattributed backdoor and 'Operation Electric Powder,' which dates back to 2016-2017.

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
2023-11-24 10:31

Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel...

Novel backdoor persists even after critical Confluence vulnerability is patched
2023-11-14 11:00

A new backdoor was this week found implanted in the environments of organizations to exploit the recently disclosed critical vulnerability in Atlassian Confluence. The backdoor provides attackers remote access to a victim, both its Confluence server and other network resources, and is found to persist even after Confluence patches are applied.

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
2023-11-10 08:58

Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response Services said in an analysis published earlier this week.

BlueNoroff hackers backdoor Macs with new ObjCShellz malware
2023-11-07 20:26

The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices. ObjCShellz is an Objective-C-based malware, quite different from other malicious payloads deployed in previous BlueNorOff attacks.

Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
2023-11-01 07:21

The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit...