Security News

UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT
2024-01-04 08:55

The threat actor known as UAC-0050 is leveraging phishing attacks to distribute Remcos RAT using new strategies to evade detection from security software. "The group's weapon of choice is Remcos...

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
2023-12-12 14:33

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability and novel malware written in DLang. "This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies," Cisco Talos researchers shared.

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug
2023-12-11 21:25

The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. The new malware are two remote access trojans named NineRAT and DLRAT and a malware downloader named BottomLoader.

Krasue RAT malware hides on Linux servers using embedded rootkits
2023-12-07 06:00

Security researchers discovered a remote access trojan they named Krasue that is targeting Linux systems of telecommunications companies and managed to remain undetected since 2021. According to researchers at cybersecurity company Group-IB, the main function of the malware is to maintain access to the host, which may suggest that it is deployed through a botnet or sold by initial access brokers to threat actors seeking access to a particular target.

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
2023-12-01 10:49

A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan...

NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
2023-11-20 15:19

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. "The delivery mechanisms for the NetSupport RAT encompass...

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
2023-10-31 12:04

Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security...

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
2023-10-23 07:58

The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This...

Malicious Solana, Kucoin packages infect NuGet devs with SeroXen RAT
2023-10-12 17:40

Malicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers with the SeroXen remote access trojan. The malicious packages uploaded on NuGet by a user named 'Disti' were discovered by Phylum researchers, who published a report today to warn about the threat.

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
2023-10-12 13:17

A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named...