BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to carry out multistage cyberattacks. Threat actors reportedly start their attack chain with a Golang-based backdoor, and work their way all the way to the ransomware… Continue reading BianLian Exploits TeamCity Vulnerability to Deploy Backdoors
Tag: Backdoors
What is a Bootkit? Explanation & Protection Guide
Bootkit is a rather unusual and unspoken, though widely used kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find… Continue reading What is a Bootkit? Explanation & Protection Guide
TeamTNT Group Returns with Silent Bob Campaign
Aqua Security security researchers have warned that the TeamTNT group may be preparing a new large-scale anti-cloud campaign called “Silent Bob”. Such suspicions arose after experts discovered hackers targeting misconfigured servers. Aqua Security launched an investigation after discovering an attack on one of its lures. Subsequently, 4 images of malicious containers were discovered. However, given… Continue reading TeamTNT Group Returns with Silent Bob Campaign
Shuckworm Gang Attacks Ukrainian Companies Using Pterodo Backdoor and USB Drives
Symantec experts report that the Shuckworm hack group (aka Armageddon, Gamaredon, Iron Tilden, Primitive Bear, Trident Ursa, UNC530, Winterflounder, and so on) is attacking Ukrainian companies using the Pterodo backdoor distributed via USB drives. The main targets of hackers are important organizations in the military and IT sectors. According to experts, in some cases, the… Continue reading Shuckworm Gang Attacks Ukrainian Companies Using Pterodo Backdoor and USB Drives
Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim
Recently, Twitter fulfilled a promise made by Elon Musk and published on GitHub the source code of its recommender algorithm, where a vulnerability was discovered that could send a user to a shadowban. Numerous researchers immediately took up the study of the source code, and now one of the problems they discovered was assigned the… Continue reading Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim
YouTube Video Causes Pixel Smartphones to Reboot
Users have found that Pixel smartphones powered by Google Tensor processors are rebooting when user is trying to watch a clip from the movie “Alien” on YouTube in 4K HDR. Let me remind you that we also wrote that Janet Jackson Song Killed Hard Drives on Old Laptops, as well as Cellmate men’s chastity belts… Continue reading YouTube Video Causes Pixel Smartphones to Reboot
Application Bugs Allowed to Open and Start Cars Hyundai, Genesis and Others
Experts from Yuga Labs discovered vulnerabilities in mobile applications for Hyundai and Genesis vehicles. In addition, the SiriusXM smart car platform, used in cars from other manufacturers (Acura, BMW, Honda, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru and Toyota), allowed to remotely unlock the car, start the engine and perform other actions. Let me remind… Continue reading Application Bugs Allowed to Open and Start Cars Hyundai, Genesis and Others
PCspoF Attack Could Disable Orion Spacecraft
A team of researchers from the University of Michigan, the University of Pennsylvania, and NASA have detailed a TTEthernet (Time-Triggered Ethernet) PCspoF attack that could disable the Orion spacecraft. Experts say vulnerabilities in this network technology, which is widely used in the space and aviation industries, could have catastrophic consequences for critical systems, including the… Continue reading PCspoF Attack Could Disable Orion Spacecraft
New PowerShell Backdoor Masquerades as a Windows Update
Cybersecurity experts from SafeBreach have found a new, previously undocumented and “undetectable” PowerShell backdoor, which hackers actively use and has been used to attack at least 69 targets. Let me remind you that we also wrote that Germans Interested in the Situation in Ukraine Are Attacked by the PowerShell RAT Malware. The backdoor spreads through… Continue reading New PowerShell Backdoor Masquerades as a Windows Update
Hundreds of Microsoft SQL Servers Infected with Maggie Backdoor
Security researchers have discovered a new malware that targets Microsoft SQL servers. The backdoor is dubbed Maggie, has already infected hundreds of machines around the world. The greatest distribution of malware is observed in South Korea, India, Vietnam, China, Russia, Thailand, Germany and the USA. Let me remind you that we also wrote that Fargo… Continue reading Hundreds of Microsoft SQL Servers Infected with Maggie Backdoor