OilRig APT Drills into Malware Innovation with Unique Backdoor
The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside images.
Taiwanese consumer technology manufacturer D-Link has issued security fixes for a series of bugs that, if exploited, could have enabled hackers to steal passwords and other sensitive data from home internet routers during the coronavirus pandemic. If used in concert, the vulnerabilities would have allowed attackers to scan network traffic to steal session cookies, and upload or download sensitive files, Palo Alto Networks’ Unit 42 researchers said in findings published Friday. In some cases, the vulnerabilities could have helped attackers to conduct denial of service attacks. While D-Link has released a security update for the flaws in question, the advisory offers a reminder that home internet routers represent targets for hackers aiming to take advantage of the increased number of people around the world teleworking as a result of the coronavirus. Hackers seized the moment early during the coronavirus pandemic, messing with Domain Name System settings in home routers in the U.S. and in multiple European […]
The post Palo Alto Networks reveals D-Link home router vulnerabilities appeared first on CyberScoop.
Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines
Cybercriminals aren’t sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware.
New Mirai Variant ‘Mukashi’ Targets Zyxel NAS Devices
The botnet exploits a vulnerability discovered last month that can allow threat actors to remotely compromise and control devices.
Cloud Misconfig Mistakes Show Need For DevSecOps
Unit 42 researchers discuss public cloud misconfiguration issues that are leading to breaches of sensitive data.
More Than Half of IoT Devices Vulnerable to Severe Attacks
A full 98 percent of all IoT device traffic is unencrypted, exposing personal and confidential data on the network.
In the second half of 2019, a U.S. government agency was targeted by repeated spearphishing attempts that could be from a mysterious group that has evaded attribution for years, according to new research issued Thursday by security firm Palo Alto Networks. The campaign, waged between July and October of 2019, targeted one U.S. government agency, which researchers at Palo Alto Networks’ Unit 42 do not identify, as well as two unnamed foreign nationals who are “professionally affiliated with” North Korea. The contents of the emails, which were sent with malicious files attached, touched on North Korean geopolitical topics, such as the possibility of a dialogue between Washington and Pyongyang or Russian-North Korean trade issues. Unit 42’s report does not say whether the spearphishing campaign was successful. The suspected hacking group — which Unit 42 and researchers from Cisco Talos have detailed in previous research — is known to target entities and individuals “who have interest in, are […]
The post Hackers spearphished U.S. government agency with North Korea-related content last year appeared first on CyberScoop.
There is no shortage of malware that government-backed hackers can get from the public domain, saving them the trouble of developing their own code. But to meet their intelligence-gathering needs, plenty of groups still roll up their sleeves and build their own kits. A Chinese espionage outfit known as Rancor has been particularly active on that front. New findings from Palo Alto Networks’ Unit 42 research unit, shared exclusively with CyberScoop, show how, over the past year, the group has tried to break into the network of an unnamed Cambodian government organization and deploy their custom malware. First, the group laced a Microsoft Excel document with previously undocumented malware in an attempted breach of the Cambodian organization in December 2018 and January 2019, Unit 42 said. When that didn’t work, Rancor packed a computer script with a bunch of potentially infectious code, Unit 42 researchers discovered in July. The research […]
The post This China-linked espionage group keeps trying to hack the Cambodian government appeared first on CyberScoop.
Echobot IoT Botnet Casts a Wide Net with Raft of Exploit Additions
13 new exploits have been added to the malware’s bag of tricks.
Authorities Break Up Imminent Monitor Spyware Organization
The infrastructure behind a remote access tool (RAT) allowing full remote takeover of a victim machine has been dismantled.