Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package
Microsoft says GigaWiper combines at least 3 malware families into one modular tool
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Microsoft says GigaWiper combines at least 3 malware families into one modular tool
Latest in long-running pwning of Cisco kit found in mystery Fed agency A US federal agency was successfully targeted by a previously unknown backdoor malware called Firestarter, according to CISA cybersnoops and their UK counterparts – neither of which disclosed the agency's name.…
$300 a month buys you a backdoor that looks like legit software Researchers at Proofpoint late last month uncovered what they describe as a "weird twist" on the growing trend of criminals abusing remote monitoring and management software (RMM) as their preferred attack tools.…
Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware.…
Keeping Pyongyang's coffers full North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang's infamous Lazarus Group deploys.…
Instead of job offers, victims get MiniJunk backdoor and MiniBrowse stealer Suspected Iranian government-backed online attackers have expanded their European cyber ops with fake job portals and new malware targeting organizations in the defense, manufacturing, telecommunications, and aviation sectors.…
'We do believe that this was likely the creation of a cybercrime group,' threat hunter tells The Reg ChillyHell, a modular macOS backdoor believed to be long dormant, has likely been infecting computers for years while flying under the radar, according to security researchers who spotted a malware sample uploaded to VirusTotal in May.…
'Plague' malware has been around for months without tripping alarms Researchers at German infosec services company Nextron Threat have spotted malware that creates a highly-persistent Linux backdoor and say antivirus engines do not flag the code as malicious.…
Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew's operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according to Trend Micro researchers.…
PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more Infosec in brief US Congress nearly killed a reauthorization of FISA Section 702 last week over concerns that it would continue to allow warrantless surveillance of Americans, but an amendment to require a warrant failed to pass.…
Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions Dutch authorities are lifting the curtain on an attempted cyberattack last year at its Ministry of Defense (MoD), blaming Chinese state-sponsored attackers for the espionage-focused intrusion.…
The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin's Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November 2022, according to Google's Threat Analysis Group.…
Snoops had no fewer than five custom bits of malware to hand to backdoor networks Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team.…
Novel malware adapts delivers DDoS attacks and provides RAT functionality Incident responders say they've found a new type of multi-platform malware abusing the New Kind of Network (NKN) protocol.…
Got a Confluence server? Listen up. Malware said to have wide-ranging capabilities A new backdoor was this week found implanted in the environments of organizations to exploit the recently disclosed critical vulnerability in Atlassian Confluence.…
Sophisticated malware devs believed to be behind latest addition to toolset of China-aligned attackers Security researchers have uncovered a backdoor used in attacks against governments and organizations in the Association of Southeast Asian Nations (ASEAN).…
Operators stay ahead of defenders with new access methods and C2 infrastructure The Qbot malware operation – which started more than a decade ago as banking trojan only to evolve into a backdoor and a delivery system for ransomware and other threats – continues to deftly adapt its techniques to stay ahead of security pros, according to a new report.…
Act now: Sea-themed backdoor malware injected via .tar-based hole A critical remote command injection vulnerability in some Barracuda Network devices that the vendor patched 11 days ago has been exploited by miscreants – for at least the past seven months.…
And one designed to slip ransomware and data-stealing code onto infected machines URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.…
Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.…