Security News

Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities
2023-12-22 13:19

Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in...

Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
2023-12-22 12:46

A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts...

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware
2023-12-22 07:46

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called...

Microsoft: Hackers target defense firms with new FalseFont malware
2023-12-21 20:28

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named FalseFont to individuals working for organizations in the Defense Industrial Base sector," the company said.

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
2023-12-21 12:38

A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across...

Android malware Chameleon disables Fingerprint Unlock to steal PINs
2023-12-21 10:00

The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices - disable fingerprint and face unlock to steal device PINs. It does this by using an HTML page trick to acquire access to the Accessibility service and a method to disrupt biometric operations to steal PINs and unlock the device at will.

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
2023-12-21 07:22

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel...

New Go-Based JaskaGO Malware Targeting Windows and macOS Systems
2023-12-20 08:10

A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems. AT&T Alien Labs, which made the...

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
2023-12-19 06:58

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming...

Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
2023-12-18 14:31

The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin...