Virus & Threats – Page 3 – WindowsTechs.com

Malicious PyPI Module Poses as SentinelOne SDK

Posted on December 19, 2022 by Ionut Arghire

Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.
read more Continue reading Malicious PyPI Module Poses as SentinelOne SDK→

Glupteba Botnet Still Active Despite Google’s Disruption Efforts

Posted on December 19, 2022 by Eduard Kovacs

An analysis conducted by OT and IoT cybersecurity firm Nozomi Networks shows that the Glupteba botnet is still active following Google’s efforts to disrupt the cybercrime operation.
read more Continue reading Glupteba Botnet Still Active Despite Google’s Disruption Efforts→

CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks

Posted on December 14, 2022 by Eduard Kovacs

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two flaws affecting Veeam’s Backup & Replication product to its Known Exploited Vulnerabilities Catalog.
read more Continue reading CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks→

Security Firms Warn Microsoft of Signed Drivers Used to Kill EDR, AV Processes

Posted on December 14, 2022 by Eduard Kovacs

Several cybersecurity firms have warned Microsoft that cybercriminals have been using signed malicious drivers to kill processes associated with antivirus (AV) and endpoint detection and response (EDR) products.
read more Continue reading Security Firms Warn Microsoft of Signed Drivers Used to Kill EDR, AV Processes→

New Python-Based Backdoor Targeting VMware ESXi Servers

Posted on December 13, 2022 by Ionut Arghire

Security researchers with Juniper Networks’ Threat Labs warn of a new Python-based backdoor targeting VMware ESXi virtualization servers.
read more Continue reading New Python-Based Backdoor Targeting VMware ESXi Servers→

Users Warned of New Aerst, ScareCrow, and Vohuk Ransomware Families

Posted on December 12, 2022 by Ionut Arghire

Fortinet’s security researchers have shared information on three new ransomware families named Aerst, ScareCrow, and Vohuk.
read more Continue reading Users Warned of New Aerst, ScareCrow, and Vohuk Ransomware Families→

Healthcare Organizations Warned of Royal Ransomware Attacks

Posted on December 9, 2022 by Ionut Arghire

The US Department of Health and Human Services (HHS) is warning healthcare organizations of the threat posed by ongoing Royal ransomware attacks.
Initially spotted in September 2022, the ransomware family is employed by a financially-motivated threat a… Continue reading Healthcare Organizations Warned of Royal Ransomware Attacks→

LF Electromagnetic Radiation Used for Stealthy Data Theft From Air-Gapped Systems

Posted on December 9, 2022 by Eduard Kovacs

Mordechai Guri, a cybersecurity researcher from the Ben-Gurion University of the Negev in Israel who specializes in air gap jumping, has released a paper detailing yet another method that can be used to stealthily exfiltrate data from systems isolated … Continue reading LF Electromagnetic Radiation Used for Stealthy Data Theft From Air-Gapped Systems→

Vulnerabilities Allow Researcher to Turn Security Products Into Wipers

Posted on December 8, 2022 by Ionut Arghire

SafeBreach Labs security researcher Or Yair discovered several vulnerabilities that allowed him to turn endpoint detection and response (EDR) and antivirus (AV) products into wipers.
read more Continue reading Vulnerabilities Allow Researcher to Turn Security Products Into Wipers→

Iranian Hackers Deliver New ‘Fantasy’ Wiper to Diamond Industry via Supply Chain Attack

Posted on December 8, 2022 by Ionut Arghire

An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong Kong, cybersecurity firm ESET reports.
read more Continue reading Iranian Hackers Deliver New ‘Fantasy’ Wiper to Diamond Industry via Supply Chain Attack→