Malware, Network Security, Threat Management, Vulnerability Management

SQL attack hits 125,000 sites

Angela MoscaritoloDecember 10, 2009

An SQL injection attack that began in late November has compromised more than 125,000 web pages, researchers at web security provider ScanSafe, recently acquired by Cisco, said Wednesday in a blog post. The sites have been injected with an IFRAME that loads malicious content from a known malicious domain, 318x.com. A number of other IFRAMEs and code redirections, used for tracking purposes, untimely aim to install the trojan Backdoor.Win32.Buzus.croo on the user's system. The malware generally is used for credit card and other banking-related theft. — AM

Angela Moscaritolo

Threat Intelligence

New Menorah malware bolsters OilRig APT’s cyberespionage efforts

SC StaffOctober 2, 2023

Iranian advanced persistent threat operation OilRig, also known as APT34, Helix Kitten, Hazel Sandstorm, and Cobalt Gypsy, had its cyberespionage arsenal strengthened with the novel Menorah malware deployed in a spear-phishing campaign, which included a Saudi Arabia-based organization as one of its targets, reports The Hacker News.

Malware

New ASMCrypt malware loader detailed

SC StaffOctober 2, 2023

New ASMCrypt malware loader detailed Novel malware crypter and loader ASMCrypt has been developed by cybercriminals building upon the stealthy DoubleFinger malware loader, which was previously leveraged to facilitate GreetingGhoul cryptocurrency stealer deployment, according to The Hacker News.