Security News

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
2024-06-21 13:42

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle...

UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs
2024-06-20 17:46

A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement. A new report by Mandiant unveils UNC3886's use of the mentioned rootkits on virtual machines for long-term persistence and evasion, as well as custom malware tools such as 'Mopsled' and 'Riflespine,' which leveraged GitHub and Google Drive for command and control.

Hackers use F5 BIG-IP malware to stealthily steal data for years
2024-06-17 17:37

A group of suspected Chinese cyberespionage actors named 'Velvet Ant' are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data. Using the compromised F5 BIG-IP devices, the threat actors could stealthily steal sensitive customer and financial information from the company for three years without being detected.

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
2024-06-17 11:59

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the...

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
2024-06-17 06:28

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage...

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
2024-06-16 04:31

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested...

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
2024-06-15 08:13

A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under...

Scattered Spider hackers switch focus to cloud apps for data theft
2024-06-14 15:04

The Scattered Spider gang has started to steal data from software-as-a-service applications and establish persistence through creating new virtual machines. While there are reports about Scattered Spider being an organized gang with specific members, the group is actually a loose knit collective of English-speaking individuals that work together to carry out breaches, steal data, and extort their targets.

North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics
2024-06-14 06:45

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the...

Life360 says hacker tried to extort them after Tile data breach
2024-06-12 16:45

"Similar to many other companies, Life360 recently became the victim of a criminal extortion attempt. We received emails from an unknown actor claiming to possess Tile customer information," Life360 CEO Chris Hulls said. The exposed data "Does not include more sensitive information, such as credit card numbers, passwords or log-in credentials, location data, or government-issued identification numbers, because the Tile customer support platform did not contain these information types," Hulls added.