Shuckworm Gang Attacks Ukrainian Companies Using Pterodo Backdoor and USB Drives
Symantec experts report that the Shuckworm hack group (aka Armageddon, Gamaredon, Iron Tilden, Primitive Bear, Trident Ursa, UNC530, Winterflounder, and so on) is attacking Ukrainian companies using the Pterodo backdoor…
Cloud Mining Scams Spread Banking Trojans
It's no secret that cybercriminals have increasingly been using mobile platforms as an attack vector lately. One example is a new Android malware. It spreads through fake cloud mining scam services…
WannaCry 3.0 Ransomware Aims At Enlisted Russian-speaking Players
A previously unknown ransomware payload that calls itself WannaCry 3.0 targets Russian-speaking players of the Enlisted game. Hackers reportedly use a modified game installer and a spoofed official site…
Malware in GitHub Repositories Is Spread From Fake Security Company Name
Researchers detected fake company accounts on GitHub linked to a deceitful cybersecurity company. These accounts are promoting harmful repositories on the code hosting service. According to the experts, all repositories…
BreachForums Is Back Online, Led by ShinyHunters
BreachForums, an infamous Darknet forum that was shut down in late March 2023, has been back online since approximately June 13, 2023. After 3 months offline, it is revived by a…
New critical vulnerabilities found in MOVEit Transfer
New critical vulnerabilities were discovered during an audit of MOVEit Transfer, a solution for managing file transfers. Previously, due to the exploitation of a 0-day vulnerability…
RDP Honeypot Was Attacked 3.5 Million Times
With increased remote work, IT teams use remote access tools to manage company devices and ensure smooth operations. Remote desktop connections are highly attractive to hackers, with an average of…
Information Security Experts Published a PoC Exploit for a Vulnerability in Win32k
Information security experts have published a PoC exploit for a privilege escalation vulnerability in the Win32k driver that was fixed in May. Let me remind you that this bug received…
Oneetx.exe
Oneetx.exe is a malicious process related to Amadey dropper malware. It can be seen in the Task Manager, with seemingly nothing suspicious about it – if you don’t know what…
BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses
Trend Micro researchers reported recently that since September 2022, attackers have been actively using a malware obfuscation engine called BatCloak, which allows cybercriminals to effectively hide malicious code from antivirus…
Fortinet Fixes RCE Flaws in FortiOS and FortiProxy
Fortinet, a well-known vendor of corporate-grade security solutions, issued an urgent patch that fixes critical vulnerabilities in two products. FortiOS and FortiProxy SSL-VPN were reportedly vulnerable to remote code execution…
Clop Attacks on MOVEit Transfer Affected British Airways, BBC and More
According to security researchers, the Clop ransomware group has been looking for a way to exploit a vulnerability in MOVEit Transfer since 2021. Hackers say hundreds of companies have been…