News • Insights • Analysis
The BfV German domestic intelligence services (short for Bundesamt für Verfassungsschutz) warn of ongoing attacks coordinated by the APT27 Chinese-backed hacking group. This active campaign is targeting German commercial organizations, with the attackers using the HyperBro remote access trojans (RAT) Read More …
Researchers have uncovered a new strain of macOS malware in targeted attacks against visitors to a Hong Kong pro-democracy radio station website. The website was used to facilitate a watering hole attack and to serve a Safari browser exploit to Read More …
New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania. The SMS topics used for spreading the FluBot malware include fake courier messages, Read More …
The Trickbot Trojan has been revised with a new set of anti-reverse engineering features including the capability to crash computers if analysis tools are detected. Over the years, Trickbot has evolved from its original state as a banking Trojan to Read More …
Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that information to aid in the exploitation of other vulnerabilities Read More …
It has been some time since SMS or text messaging has become a means to spread mobile malware. In September 2021, Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The chain is triggered Read More …
Hackers are using Microsoft OneDrive in a multi-stage espionage campaign aimed at high-ranking government officials in Western Asia, according to a new report from Trellix. Researchers with Trellix named the malware involved “Graphite” because it uses Microsoft’s Graph API to Read More …
Canada’s foreign affairs department was hit with a cyberattack last week, according to the Treasury Board of Canada. The hack of Global Affairs Canada, the government entity responsible for diplomatic and global relations, occurred on Wednesday, according to a statement Read More …
A new .NET malware packer being used to deliver a variety of remote access trojans (RATs) and infostealers has a fixed password named after Donald Trump, giving the new find its name, “DTPacker.” DTPacker was discovered by researchers at Proofpoint Read More …
While monitoring of the LockBit ransomware’s intrusion set, Trend Micro researchers found an announcement for LockBit Linux-ESXi Locker version 1.0 on October 2021 in the underground forum “RAMP,” where potential affiliates can find it. This signifies the LockBit ransomware group’s Read More …
