Tag

Custom Malware

All articles tagged with #custom malware

Rapid Deployment of Custom Linux Malware via 1-Day Exploits by Magnet Goblin Hacker Group

Originally Published 1 year ago — by Help Net Security

A financially motivated threat actor known as Magnet Goblin is exploiting known vulnerabilities, including recently discovered Ivanti Connect Secure VPN flaws, to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. The group deploys custom Windows and Linux malware, such as NerbianRAT and MiniNerbian, and leverages legitimate remote monitoring and management tools. Researchers have observed the group's quick adoption of 1-day vulnerabilities to deliver its custom Linux malware, targeting areas that have been left unprotected.

Zero-Day Exploits: Ivanti VPN Targeted by Nation-State Actors

Originally Published 2 years ago — by BleepingComputer

Hackers have been exploiting two zero-day vulnerabilities in Ivanti Connect Secure to deploy custom malware for espionage since early December, targeting a small number of customers. The threat actor, UNC5221, uses a set of tools for post-compromise activities, including custom malware for webshell planting, command execution, and credential theft. The attackers used compromised Cyberoam VPN appliances as command and control servers and are suspected to be an advanced persistent threat (APT) targeting high-priority victims. While there is no attribution, system admins are advised to implement mitigations provided by Ivanti as there is currently no security update addressing the zero-days.