-
September 30th: Cross-platform Chaos malware +++ Patch of the week
Cross-platform Chaos malware A new Botnet is taking hold of Windows and Linux devices alike, using them to start DDoS (Distributed Denial of Service) attacks. Chaos, a Go-based malware, can infect various architectures like x86, AMD64, ARMv5 and many more. With such a wide spectrum, it does not just target high value devices, it also […]
-
September 23rd: New rapidly evolving Chromeload Malware campaign +++ EU Cyber Resilience Act
Chromeload Malware Microsoft and VMware are warning of a new rapidly evolving malware campaign. The campaign formally known as ChromeLoader was first spotted in January 2022. At that time the malware was only used for hijacking the browser of victims and steal information. Overtime the malware evolved and fulfills now different purposes with different versions. […]
-
September 16th: Microsoft Patch fixes 63 vulnerabilities +++ Zero-Day Vulnerability in WordPress Plugin
Microsoft Patch fixes 63 vulnerabilities, including 5 critical Microsoft released a new Patch on Tuesday the 13th which fixes 63 vulnerabilities, 5 of them are classified as critical as they allow remote code execution. The number of bugs in each vulnerability category is listed below: 18 Elevation of Privilege Vulnerabilities 1 Security Feature Bypass Vulnerabilities […]
-
September 9th: Emerge of a new more user-friendly Phishing-as-a-Service platform +++ New stealthy Linux malware
Emerge of a new more user-friendly Phishing-as-a-Service platform A new reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged from the darknet with the promise to grant access to mainstream accounts like Apple, Google, Facebook, Microsoft and many more, even with MFA (Multi-factor authentication). In comparison to the other used methods before, EvilProxy is more user-friendly. […]
-
September 2nd: GO#WEBBFUSCATOR +++ Patches of the week
GO#WEBBFUSCATOR Threat analysts form Securonix have spotted a new malware campaign dubbed GO#WEBBFUSCATOR which relies on phishing e-mails, malicious documents and most curiously on an image of the James Webb telescope. The malware is written in Golang, a programing language which is becoming increasingly popularfor cybercrime thanks to its cross-platform and its resistance to reverse […]
-
August 26th: Microsoft Cyber Signals +++ Two new air-gap attacks +++ Cybercrime 2021 Threat Landscape Report
Microsoft Cyber Signals: Defend against the new ransomware landscape Microsoft published Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, they pull back the curtain on the evolving cybercrime economy and the rise of Ransomware-as-a-service (RaaS). Instead of relying on what cybercriminals say […]
-
July 29th: Attack from charging socket via “Ghost Touch” +++ 2022 Unit 42 Incident Response Report +++ Security updates Samba
Touchscreens: Attack from the charging socket via “Ghost Touch” Researchers from Technical University Darmstadt and Zhejiang University in Hangzhou carried out attacks on capacitive touchscreens via charging cables and power supply units and thus uncovered a new attack possibility on mobile devices. In the experimental setup, a compromised public charging station was assumed to be […]
-
July 22nd: CloudMensis +++ Online storage services used for delivering malware +++ Vulnerabilities of the week
New malware backdoor: CloudMensis ESET researchers first spotted the new malware in April 2022 and named it CloudMensis. Why? It uses pCloud, Yandex Disk, and Dropbox public cloud storage services for command-and-control (C2) communication. CloudMensis’ capabilities clearly show that its operators’ main goal is to collect sensitive information from infected Macs through various means. These […]
-
6th May: Old Enemies hiding in New Places: Fileless Malware +++ Happy Patch-Day, Android!
Old Enemies hiding in New Places: Fileless Malware Attackers have found a creative new way of challenging cyber safety on a daily basis – using event logs to hide fileless malware. Kaspersky researchers published a report on the new malware campaign last Wednesday. Let’s take a closer look: The unusual thing about the campaign was […]
-
29th April: Quantum ransomware really escalates quickly +++ Emotet is not dead yet! +++ Log4J – it ain’t over yet
Quantum ransomware really escalates quickly Quantum ransomware was first discovered in August 2021 and was now thoroughly analyzed by The DFIR Report, a security analyst group. The Quantum ransomware is considered fast and aggressive, leaving little time to react. According to the analyst report, the attack takes 3 hours and 44 minutes from initial infection […]
