Security News
State-backed Chinese hackers launched a spearphishing campaign to deliver custom malware stored in Google Drive to government, research, and academic organizations worldwide. The Chinese hackers used Google accounts to send their targets email messages with lures that tricked them into downloading custom malware from Google Drive links.
The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities," Cisco Talos researcher Chris Neal said in a write-up published Thursday.
The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS attacks against game servers. The malware was discovered by Fortinet researchers last August when it used SSH brute-forcing to spread on Linux servers.
WASP malware is using steganography and polymorphism to evade detection with malicious Python packages designed to steal credentials, personal information, and cryptocurrency. Researchers from Phylum and Check Point earlier this month reported seeing new malicious packages on PyPI, a package index for Python developers.
Today we will discuss five use cases of how a malware sandbox can help, so you can avoid any threats and find out the truth behind insidious files. A malware sandbox is a tool for executing suspicious programs in a virtual environment that is safe for your computer.
North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. In the new campaign, Kaspersky has seen DTrack distributed using filenames commonly associated with legitimate executables.
This tiny mesh router provides instant ad blocking and protection from malware - with no need for complex software. It normally sells for $99, but TechRepublic readers can grab it today for only $79. The Gryphon Guardian router automatically filters online content according to your rules.
A newly discovered evasive malware leverages the Secure Shell cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team, the Golang-based malware has been found targeting a variety of companies ranging from gaming to luxury car brands to security firms.
A previously undocumented Android spyware tool named 'BadBazaar' has been discovered targeting ethnic and religious minorities in China, most notably the Uyghurs in Xinjiang. Uyghurs, a regional Muslim minority of roughly 13 million people, have suffered extreme oppression from the central Chinese government due to their cultural deviation from typical eastern Chinese values.
An ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware. Fortinet discovered the Nim-based malware in June 2022, when IceXLoader was at version 3.0, but the loader was missing key features and generally appeared to be a work in progress.