Malware Attacks

All articles tagged with #malware attacks

cybersecurity | 1 year ago

"Global Enterprises Hit by Steganography Malware Attacks"

The threat actor TA558 has been using steganography to deliver various malware, including Agent Tesla, FormBook, Remcos RAT, and others, in a campaign codenamed SteganoAmor. The group has targeted sectors in Latin American countries and other regions, while also deploying Venom RAT via phishing attacks in several countries. It has been observed using compromised SMTP servers and infected FTP servers to stage attacks and steal data. Additionally, another hacking group, Lazy Koala, has been targeting government organizations with a malware called LazyStealer, and is potentially linked to the group YoroTrooper. This activity is part of a broader trend of social engineering campaigns to spread malware.

technology | 1 year ago

"Microsoft's Record-Breaking April 2024 Patch Tuesday Addresses Zero-Day Exploits"

Microsoft has fixed two actively exploited zero-day vulnerabilities, CVE-2024-26234 and CVE-2024-29988, during the April 2024 Patch Tuesday. The first vulnerability involves a proxy driver spoofing issue, while the second is a SmartScreen prompt security feature bypass. These vulnerabilities were being actively exploited in malware attacks, with one being used by the financially motivated Water Hydra hacking group to deploy the DarkMe remote access trojan. Microsoft also released security updates for 150 vulnerabilities, including 67 remote code execution bugs, as part of the Patch Tuesday.

cybersecurity | 1 year ago

"92,000 D-Link NAS Devices Vulnerable to Critical Exploits"

Two critical security flaws affecting legacy D-Link NAS devices have left as many as 92,000 devices vulnerable to malware attacks, with threat actors actively exploiting the vulnerabilities to deliver the Mirai botnet malware. D-Link has no plans to release a patch and advises customers to replace the affected devices, while the Shadowserver Foundation recommends taking the devices offline or firewalling remote access to mitigate potential threats. The findings highlight the evolving tactics of threat actors, with malware-initiated scanning attacks increasingly being used to exploit vulnerabilities in target networks.

technology-firmware-security | 2 years ago

"UEFI Vulnerabilities Enable Stealth Malware Attacks and Secure Boot Bypass on Millions of PCs"

Multiple vulnerabilities in the Unified Extensible Firmware Interface (UEFI) code, collectively known as LogoFAIL, have been discovered, allowing threat actors to deliver malicious payloads and bypass security technologies. By injecting a malicious logo image file into the EFI system partition, attackers can bypass security solutions and deliver persistent malware during the boot phase. The vulnerabilities affect both x86 and ARM-based devices and major independent firmware/BIOS vendors (IBVs) like AMI, Insyde, and Phoenix, impacting a wide range of consumer and enterprise-grade devices. These flaws highlight the need for improved code quality and product security maturity in IBV reference code.