Security News

Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
2024-04-02 04:54

The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks...

US organizations targeted with emails delivering NetSupport RAT
2024-03-22 12:48

Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via "Nuanced" exploitation and by using an advanced detection evasion method. The phishing emails prompts recipients to download an attached Office Word file to view their "Monthly salary report".

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
2024-03-20 11:26

Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based...

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
2024-03-19 05:28

A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the...

Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT
2024-03-11 05:59

A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing...

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub
2024-02-27 12:56

An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost. Written in C# and compatible with...

New IDAT loader version uses steganography to push Remcos RAT
2024-02-26 22:57

A hacking group tracked as 'UAC-0184' was observed utilizing steganographic image files to deliver the Remcos remote access trojan onto the systems of a Ukrainian entity operating in Finland. Steganography is a well-documented but rarely seen tactic that involves encoding malicious code into the pixel data of images to evade detection by solutions using signature-based rules.

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
2024-02-26 14:54

Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader....

Russian Government Software Backdoored to Deploy Konni RAT Malware
2024-02-22 10:43

An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog)....

FBI seizes Warzone RAT infrastructure, arrests malware vendor
2024-02-12 23:09

The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. Warzone RAT is commodity malware created in 2018 that offers numerous features to aid cybercrime, including UAC bypass, hidden remote desktop, cookie and password stealing, keylogging, webcam recording, file operations, reverse proxy, remote shell, and process management.