Security News
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse 4shared WebDAV services. Intel471's researchers report that Bumblebee's latest campaign, which started on September 7, 2023, abuses the 4shared WebDAV services to distribute the loader, accommodate the attack chain, and perform several post-infection actions.
A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux backdoor dubbed 'SprySOCKS'. Trend Micro's analysis of the novel backdoor showed that it originates from the Trochilus open-source Windows malware, with many of its functions ported to work on Linux systems.
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. First documented by Meta in May 2023, NodeStealer originated as a JavaScript malware capable of pilfering cookies and passwords from web browsers to compromise Facebook, Gmail, and Outlook accounts.
Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware. A new report from global cybersecurity company Truesec reveals a new attack campaign leveraging Microsoft Teams to infect companies' users.
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware. Malwarebytes reports that a malicious Google ad impersonates the official Webex download portal, ranking at the highest position in Google Search results for the "Webex" term.
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system.
Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. Dmg - and the inclusion of words such as "Official Brief Description" indicate that the malware peddlers are going specifically after enterprise macOS users.
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit in the target network. "3AM is written in Rust and appears to be a completely new malware family," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
'Obtaining a disruptive capability could be one possible motivation behind this surge in attacks' Espionage-ware thought to have been developed by China has once again been spotted within the...
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers. Although the malware has some similarities with Atomic Stealer, another Go-based macOS targeting info-stealer, the code overlap is limited, and the delivery methods are different.