15 Jul 2020

More Malware Found Hidden in Chinese Tax Software

Researchers at Trustwave have uncovered more malware as part of a malware campaign hiding backdoors in mandatory Chinese tax software, highlighting the fact that the campaign may be more extensive than previously thought. Last month, Trustwave warned that it had found the GoldenSpy backdoor installed on several clients’ systems after

08 Jul 2020

Fxmsp hacker indicted by feds for selling backdoor access to hundreds of companies

US prosecutors have indicted a prolific hacker allegedly behind a criminal enterprise that was selling backdoor access to hundreds of global organizations. The criminal operated under the name “fxmsp” and is a 37-year-old Kazakhstan citizen named Andrey Turchin. On Tuesday, the indictment was unsealed in the Western District of Washington.

26 May 2020

Russian cyberspies use Gmail to control updated ComRAT malware

A new version of the ComRAT backdoor has been found by security researchers at ESET. The backdoor is controlled through the Gmail web interface and was discovered when the state-sponsored Russian hacker group Turla began using it to harvest data and steal information in attacks targeting governmental institutions. Other common

21 May 2020

New PipeMon malware uses Windows print processors for persistence

The Winnti hacking group has targeted video game companies again in a new campaign that utilizes recent malware called PipeMon, a modular backdoor that was identified earlier this year. PipeMon was discovered on servers belonging to developers of massively multiplayer online (MMO) video games. The

17 Jan 2020

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Infinite Client and WP Time Capsule, two WordPress plugins, contain vulnerabilities that leave sites open to attack. The bug is a critical authorization complication that allows adversaries access to the backend of a site without a password. The attacker only needs the admin username for the WordPress plugins. Both of

17 Oct 2019

.WAVs Hide Malware in Their Depths in Innovative Campaign

Security researchers with BlackBerry Cylance have spotted a new sophisticated campaign that spreads cryptojacking malware and a backdoor via .WAV audio files. The malware is embedded in the audio data and loaded when an infected file is played. Some of the malicious audio samples played music without glitches, while others

15 Oct 2019

Tactics of Supply-Chain Attack Group Exposed

Recent research by ESET has uncovered some of the tactics and tools used by the Winnti hacking group that has been carrying out supply-chain attacks against gaming companies since at least 2011. The attackers usually target game developers in order to embed backdoors in video games. In March of this

04 Oct 2019

Experts Slam US, Australia and UK’s Facebook Encryption Demands

The governments of the United States, the United Kingdom and Australia are urging Facebook not to implement end-to-end encryption on its Instagram and Messenger services. Earlier this year, the FTC slapped a $5bn fine on the social media giant over data protection and privacy issues that led to the Cambridge

30 Sep 2019

Global Consumers Reject Government-Mandated Encryption Backdoors

While the US Justice Department claims that government-mandated encryption backdoors would make it easier to prevent terror attacks, almost two-thirds (64%) of consumers across the US, UK, France and Germany don’t believe this argument, a recent survey by Venafi found. Only 30% of respondents expressed trust in governments to safeguard

26 Sep 2019

Hackers Replace Windows Narrator to Get SYSTEM Level Access

Researchers with Cylance have uncovered a new hacking campaign that takes advantage of the Windows Narrator app that users can launch from the logon screen before they have entered their credentials. The attackers, who are believed to be operating from China, have developed a malicious version of the app that
