Cybersecurity, multiple vulnerabilities in D-LINK DIR-3040 wireless router
Cisco Talos: An attacker could carry out a variety of malicious actions, including exposing sensitive information, causing a DoS and executing arbitrary code.
Cybercrime, the Necro Python malware is evolving
Cisco Talos cybersecurity experts: The bot has new features, ranging from different C2 communications to exploits to spread. It also uses a Tezos miner.
Cybercrime, Loda RAT is back with new versions
Cisco Talos cybersecurity experts: The 1.1.1 malware added a Powershell keylogger and a VB script. The 1.1.7 update removed them, focusing on stealing passwords and cookies from browsers.
Cyber Espionage, Iran still targets Lebanon government
Cyber security experts found an update of the Karkoff implant, used by APT34. It proves that group is still operating and that a new campaign is active. The malware is delivered through spear-phishing emails.
Cybercrime, SWEED is targeting precision engineering companies in Italy
Marco Ramilli, cyber security expert and Yoroi founder: The attacker, pretended to be a customer, sent to victims an email containing Microsoft XLS file, without Macro but with hidden malware.
Cybercrime, Gustuff Android banking trojan is back with new features
Cisco Talos cyber security experts: The malware still attacks Australia and spreads via SMS. But latest version no longer has hardcoded package names and added a “poor man scripting engine”.
Cybercrime increase the use of ODT files to distribute malware
Cisco Talos cyber security experts found there campaigns that leverage OpenDocument Text format. But could be more in the future. Targets today are English and Arabic-speaking users.
Cybercrime: here it comes Divergent a new fileless malware
Cisco Talos cyber security experts: It uses the system registry to bypass anti-virus scanning, a registry key to maintain persistence and PowerShell to install.
Cybercrime is targeting Italy with a new version of JasperLoader
Cisco Talos cyber security experts: It features several changes and improvements to control where the malware can spread and avoid analysis by sandboxes and antivirus.
Qakbot (aka Qbot) malware is evolving with new obfuscation techniques
Cisco Talos Cyber Security experts: The banking trojan is utilizing an updated persistence mechanism that can make it harder for users to detect and remove it.