Security News
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream. SandMan has been seen deploying a new modular malware named 'LuaDream' in attacks using DLL hijacking on targeted systems.
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that...
The International Criminal Court disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached. "At the end of last week, the International Criminal Court's services detected anomalous activity affecting its information systems," the ICC said.
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices. The HTTPSnoop malware interfaces with Windows HTTP kernel drivers and devices to execute content on the infected endpoint based on specific HTTP(S) URLs, and the PipeSnoop accepts and executes arbitrary shellcode from a named pipe.
Microsoft has patched a vulnerability that exposed 38TB of private data from its AI research division. The repository held 38TB of private data, secrets, private keys, passwords and the open-source AI training data.
The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect devices with their signature remote access trojan, 'CapraRAT.'. APT36 is a Pakistan-aligned threat actor known for using malicious or laced Android apps to attack Indian defense and government entities, those dealing with Kashmir region affairs, and human rights activists in Pakistan.
Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023. "Between February and July 2023, Peach Sandstorm carried out a wave of password spray attacks attempting to authenticate to thousands of environments," the Microsoft Threat Intelligence team said.
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.The security breach was discovered by Rollbar on September 6 when reviewing data warehouse logs showing that a service account was used to log into the cloud-based bug monitoring platform.
A report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin, $6 million in Bitcoin , and approximately $295,000 in. A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document.
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network. Researchers say in a report today that the new malware "Has only been used in a limited fashion" and it was a ransomware affiliate's fallback when defense mechanisms blocked LockBit.