Cyber Warfare, Russia targeted by an APT since the invasion of Ukraine
MalwareBytes cybersecurity experts find 4 campaigns to spread a RAT with different baits but the same custom malware.
Cyber Espionage, Lazarus exploits Windows Update client to execute malware
Malwarebytes cybersecurity experts found 2 decoy documents in the North Korea APT’s campaign Lockheed Martin campaign, that use macro to spread malicious code.
Cyber Espionage, new variant of Konni malware has been used to target Russia
Malwarebytes cybersecurity experts: It is been potentially linked to the North Korean’s APT37. The malware is distributed via spear phishing with 2 weaponized documents.
Cybersecurity, Silver Sparrow targets Mac devices and the new M1 Chips
The malware has been discovered by a Malwarebytes, Red Canary and VMware Carbon Black research. However, today it doesn’t delivery additional payload.
Cybercrime, Malsmoke targets adult site visitors with new ZLoader campaign
Malwarebytes cybersecurity experts: It exploits a fake Java update, social engineering, and a decoy page filled with adult images purporting to be movies.
Cybercrime, new Mac ransomware spreads via piracy: OSX.EvilQuest
The cyber security experts: It’s present in online forums-torrent sites linked to MacOS software. The malware incorporates a keylogger, a reverse shell and can empty cryptocurrency wallets.
Cybercrime, new AgentTesla infostealer variant is on the wild
Malwarebytes cyber security experts: The malware has new features, as the capability to steal WiFi profiles. It’s .NET based and all the strings are decrypted by Rijndael algorithm.
Cyber Espionage, APT36 exploits Coronavirus to spy India
The cyber security experts: The Pakistan-based group used a spear phishing email with a link to a malicious document masquerading as the government of India to spread the malware.
Cybercrime, Cobalt and Magecart 4 (MG4) could be linked
Joint analysis by Malwarebytes and HYAS cyber security experts: Significant similarities between the registration information for domain names used in their infrastructure by both groups.
Cybercrime uses an iframe-based phishing system to steal payment card data
Malwarebytes cyber security expert Jerome Segura: Magecart groups inject credit card stealer scripts within every page of the hacked websites and configured it to pop-up.