Security News
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware. BleepingComputer has also contacted the vendor of Free Download Manager for a comment, but we haven't heard back by publication time.
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making it the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne security researcher Phil Stokes said in a Monday analysis.
A nation-state threat actor known as 'Charming Kitten' has been observed deploying a previously unknown backdoor malware named 'Sponsor' against 34 companies around the globe. One of the notable features of the Sponsor backdoor is that it hides its otherwise innocuous configuration files on the victim's disk so they can be discreetly deployed by malicious batch scripts, successfully evading detection.
A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Late last month, Truesec researchers spotted two compromised Microsoft 365 accounts sending HR-themed messages with a malicious attachment to enterprise targets.
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. The disclosure comes as Flashpoint disclosed details of an updated version of an information-stealing malware known as RisePro that was previously distributed via a pay-per-install malware downloader service dubbed PrivateLoader.
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware. The campaign started in late August 2023, when Microsoft Teams phishing messages were seen being sent by two compromised external Office 365 accounts to other organizations.
Recently, a slew of activity by the advanced persistent threat group Lazarus has focused on finding vulnerable Microsoft IIS servers and infecting them with malware or using them to distribute malicious code. This article describes the details of the malware attacks and offers actionable suggestions for protecting Microsoft IIS servers against them.
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer, indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023.
A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered. "Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.
Meatbag errors are keeping CISOs awake at night, according to Proofpoint's "Cybersecurity: The 2023 Board Perspective" report, with 78 percent tapping it as the most significant risk. Global board members remained jittery - researchers found 73 percent felt at risk of cyber-attack.