The Week in Ransomware – February 4th 2022 – Critical Infrastructure
Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in…
China-Linked Group Attacked Taiwanese Financial Firms for 18 Months
The Antlion group, also known as Pirate Panda and Tropic Trooper, has shifted to targeting mainly Taiwan, using custom backdoors…
Mac Malware-Dropping Adware Gets More Dangerous
The authors of UpdateAgent have tweaked it yet again — for the fifth time in less than 18 months.
Malicious CSV text files used to install BazarBackdoor malware
A new phishing campaign is using specially crafted CSV text files to infect users' devices with the BazarBackdoor malware. [...]
Cyberspies linked to Memento ransomware use new PowerShell malware
An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called…
Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub
"BotenaGo" contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet…
German govt warns of APT27 hackers backdooring business networks
The BfV German domestic intelligence services (short for Bundesamt für Verfassungsschutz) warn of ongoing attacks coordinated by the APT27 Chinese-backed…
Over 90 WordPress themes, plugins backdoored in supply chain attack
A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to…
New MoonBounce UEFI malware used by APT41 in targeted attacks
Security analysts have discovered and linked MoonBounce, "the most advanced" UEFI firmware implant found so far in the wild, to the Chinese-speaking APT41…
New White Rabbit ransomware linked to FIN8 hacking group
A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be…