In January 2025, FortiGuard Labs observed an attack that used Winos4.0, an advanced malware framework actively used in recent threat campaigns, to target companies in Taiwan.
According to a report released in November 2024, Winos4.0 was distributed through gaming-related applications, however, it spread via an email masquerading as from Taiwan’s National Taxation Bureau in the campaign in January 2025. The sender claimed that the malicious file attached was a list of enterprises scheduled for tax inspection and asked the receiver to forward the information to their company’s treasurer.
Read more…
Source: Fortinet
Related:
- Longtime FBI agent charged with disclosing classified records
March 20, 2025
A longtime FBI agent has been charged with unlawfully taking and disclosing classified FBI files, according to court records reviewed by CBS News. Johnathan Buma, who specialized in national security and terror cases, has been released on $100,000 bond, with orders to appear in court in Los Angeles. Buma was arrested as he boarded an international ...
- A website mapped Tesla owners and their personal information amid a wave of attacks
March 20, 2025
Tesla owners confirmed on Wednesday that an online map decorated with an image of a Molotov cocktail includes accurate personal information about them, such as residential addresses, raising fears that activists opposed to billionaire Tesla CEO Elon Musk could target them for vandalism. The online map went live Monday, displaying the names, addresses and contact information ...
- Critical Veeam Backup & Replication CVE-2025-23120
March 19, 2025
On Wednesday, March 19, 2025, backup and recovery software provider Veeam published a security advisory for a critical remote code execution vulnerability tracked as CVE-2025-23120. The vulnerability affects Backup & Replication systems that are domain joined. Veeam explicitly mentions that domain-joined backup servers are against security and compliance best practices, but in reality, we believe this ...
- Cyber Group Disrupts Communication Networks of Iranian Oil Fleet
March 19, 2025
A hacker group has disrupted the communication networks of ships belonging to two major Iranian shipping companies sanctioned by the US. The group, called Lab Dookhtegan or “Read My Lips”, said it has disrupted the communication networks of 116 ships and therefore, severed the ships’ connections to each other, their ports, and external communication channels, according ...
- Arcane stealer: We want all your data
March 19, 2025
At the end of 2024, Kaspersky researchers discovered a new stealer distributed via YouTube videos promoting game cheats. What’s intriguing about this malware is how much it collects. It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla and DynDNS. The stealer was named Arcane, not ...
- Fake BianLian Ransomware Letters in Circulation
March 19, 2025
On March 5, the FBI issued an alert regarding a mail scam targeting U.S. business executives with extortion. The letters claim to be from noted ransomware group BianLian, demanding a payment in Bitcoin ranging from $250,000 to $500,000 within ten days of receipt. The FBI alert reads as follows: “Stamped “Time Sensitive Read Immediately”, the letter ...