A brand new Linux malware has been found infecting thousands of computers around the world, stealing people’s login credentials, payment information, and browser cookies, security researchers are warning.
SentinelLabs and Beazley Security issued a joint report detailing the activities of PXA Stealer, a new Python-based infostealer for the Linux platform. It was first spotted in late 2024, and has since grown into a formidable threat, successfully evading defense tools while wreaking havoc across the globe.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- NSA shares list of vulnerabilities commonly exploited to plant web shells
April 23, 2020
The US National Security Agency (NSA) and the Australian Signals Directorate (ASD) have published a security advisory this week warning companies to search web-facing and internal servers for common web shells. Web shells are one of today’s most popular forms of malware. The term “web shell” refers to a malicious program or script that’s installed on ...
- Studying How Cybercriminals Prey on the COVID-19 Pandemic
April 22, 2020
With the spread of the coronavirus worldwide, interest is high in related topics. Accordingly, Unit 42 researchers found an immense increase in coronavirus-related Google searches and URLs viewed since the beginning of February. Cybercriminals are looking to profit from such trending topics, disregarding ethical concerns, and in this particular case preying on the misfortunes of ...
- Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak
April 22, 2020
Three years and eight days ago, on April 14, 2017, a mysterious group of hackers known as the Shadow Brokers published a collection of hacking tools that ended up changing the internet forever. Known as the “Lost in Translation” dump, this collection of files included tens of hacking tools and exploits stolen from the US National ...
- Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
April 22, 2020
A new variant of the Hoaxcalls botnet, which can be marshalled for large-scale distributed denial-of-service (DDoS) campaigns, is spreading via an unpatched vulnerability impacting the ZyXEL Cloud CNM SecuManager that was disclosed last month. That’s according to researchers at Radware, who also said that it’s notable how quickly Hoaxcalls operators have moved to weaponize the ZyXel ...
- New iOS zero-days actively used against high-profile targets
April 22, 2020
Two zero-day vulnerabilities affecting iPhone and iPad devices were found by cybersecurity startup ZecOps after the discovery of a series of ongoing remote attacks that have targeted iOS users since at least January 2018. “The attack’s scope consists of sending a specially crafted email to a victim’s mailbox enabling it to trigger the vulnerability in the context of iOS ...
- State-backed phishing targets U.S. Government employees with fast food lures
April 22, 2020
More than a dozen state-backed hacking groups are actively targeting U.S. Government employees and healthcare organizations in phishing campaigns that use lures designed to take advantage of the fears surrounding the COVID-19 pandemic. “TAG has specifically identified over a dozen government-backed attacker groups using COVID-19 themes as lure for phishing and malware attempts—trying to get their targets to ...