Security News
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. Other instructions the malware is capable of accepting from a command-and-control server include the ability to execute DLL and EXE files.
The APT37 threat group uses a new evasive 'M2RAT' malware and steganography to target individuals for intelligence collection. The threat actors targeted EU-based organizations with a new version of their mobile backdoor named 'Dolphin,' deployed a custom RAT called 'Konni,' and targeted U.S. journalists with a highly-customizable malware named 'Goldbackdoor.'
A new stealthy malware named 'Beep' was discovered last week, with many features to evade analysis and detection by security software. Beep is an information stealer malware that uses three separate components: a dropper, an injector, and the payload. The dropper creates a new registry key with an 'AphroniaHaimavati' value that contains a base64-encoded PowerShell script.
Malicious actors have published more than 451 unique Python packages on the official Python Package Index repository in an attempt to infect developer systems with clipper malware. Targeted web browsers include Google Chrome, Microsoft Edge, Brave, and Opera, with the malware modifying browser shortcuts to load the add-on automatically upon launch using the "--load-extension" command line switch.
"Swiss Army knife" malware - multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls - is on the rise, according to the results of Picus Security's analysis of over 550,000 real-world malware samples gathered from commercial and open-source threat intelligence services, security vendors and researchers, and malware sandboxes and databases. The average malware leverages 11 different tactics, techniques, and procedures.
Crooks have breached Pepsi Bottling Ventures' network and, after deploying info-stealing malware, made off with sensitive personal and financial information according to a notification sent to consumers. Pepsi Bottling Ventures - America's largest manufacturer and distributor of Pepsi-Cola beverages - didn't discover the unauthorized activity until January 10, we're told.
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems. Pepsi Bottling Ventures is the largest bottler of Pepsi-Cola beverages in the United States, responsible for manufacturing, selling, and distributing popular consumer brands.
Five malicious packages were found on the Python Package Index, stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. PyPI is a software repository for packages created in the Python programming language.
The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan. Conti and Ryuk ransomware extorted at least £27 million from 149 UK individuals and businesses, according to the government's estimate.
A campaign operated by Russian threat actors uses fake job offers to target Eastern Europeans working in the cryptocurrency industry, aiming to infect them with a modified version of the Stealerium malware named 'Enigma.' The attacks start with an email pretending to be a job offer with fake cryptocurrency interviews to lure their targets.