Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
By: Ravie Lakshmanan
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information...
Experts Link Sidewalk Malware Attacks to Grayfly Chinese Hacker Group
By: Ravie Lakshmanan
A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation...
New 0-Day Attack Targeting Windows Users With Microsoft Office Documents
By: Ravie Lakshmanan
Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.
Tracked as...
Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server
By: Ravie Lakshmanan
The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a...
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor
By: Ravie Lakshmanan
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a...
Microsoft Warns of Widespread Phishing Attacks Using Open Redirects
By: Ravie Lakshmanan
Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites...
Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers
By: Ravie Lakshmanan
Cloud infrastructure security company Wiz on Thursday revealed details of a now-fixed Azure Cosmos database vulnerability that could have been potentially exploited to grant any Azure user...
New SideWalk Backdoor Targets U.S.-based Computer Retail Business
By: Ravie Lakshmanan
A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a...
Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group
By: Ravie Lakshmanan
ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities...
ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups
By: Ravie Lakshmanan
ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by five different Chinese threat clusters...