Malware

New Phobos ransomware variant impersonates VX-Underground malware-sharing group

Laura FrenchNovember 22, 2023

VX-Underground told SC Media the attempted frame-job would likely have little impact except to “make us look like jerks.”

Linux source code with a binary background. 3D rendered Illustration.

Cloud Security

Kinsing malware exploits critical Apache ActiveMQ flaw to mine crypto

Steve ZurierNovember 21, 2023

Earlier this month it was Looney Tunables, now Kinsing launched attacks on Apache ActiveMQ to infect systems with malware and cryptominers.

Malware

LummaC2 4.0 infostealer uses trigonometry to avoid sandboxes

Steve ZurierNovember 20, 2023

Outpost24 researchers expect LummaC2 4.0 malware to evolve with improved obfuscation techniques and updates to its control panel.

Vulnerability Management

Cashwarp vs. Reptar, Rackspace, BlackCat, Bots, Aaran Leyland and More – SWN #343

November 17, 2023

Cashwarp vs. Reptar, Rackspace, BlackCat, Intel, AMD, Bots and more bots, Aaran Leyland, and More News on the Security Weekly News.

Vulnerability Management

SSH Under Attack, IoT Routers, BLE Spam, & Patching a House of Cards – PSW #807

November 15, 2023

In the Security News: SSH under attack, IoT routers have vulnerabilities, the BLE Spam attacks still work against iPhones, there is a longer story behind BLE spam, and Larry is one of the stars, denial of pleasure via BLE, vulnerability disclosure and your blob is showing, the half-day watcher, tapping into cameras, 50 shades of vulnerabilities, N...

Vulnerability Management

Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood – SWN #342

November 14, 2023

Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood, on this edition of the Security Weekly News.

The Docker website is displayed on a computer.

Malware

OracleIV emerges as a ‘Dockerized’ DDoS bot agent

Steve ZurierNovember 13, 2023

Cado Security Labs says OracleIV demonstrates how attackers can hijack an exposed Docker host and run malicious code in a portable way.

Laptop with binary computer code and Korean flag on the screen.

Malware

North Korea-linked BlueNoroff’s macOS malware variant targets financial firms

Steve ZurierNovember 7, 2023

Jamf says North Korean subgroup of the financially motivated Lazarus Group targets specific users the threat actors believe have access to cryptocurrency.

Malware

Related Videos

Lessons from Ukraine: How cyberwar shapes security at home

Related Perspectives

Why software teams have to change their focus from vulnerabilities to malware

Bad bots are growing in volume and sophistication – here’s what to do about it

Eight ways to guard against botnet attacks on enterprise networks

Briefs

Updated WailingCrab malware loader ups stealth

Novel SysJoker variant leveraged by Hamas-linked threat operation

Trojanized CyberLink installer used in global Lazarus supply chain attack

New Phobos ransomware variant impersonates VX-Underground malware-sharing group

Kinsing malware exploits critical Apache ActiveMQ flaw to mine crypto

LummaC2 4.0 infostealer uses trigonometry to avoid sandboxes

Cashwarp vs. Reptar, Rackspace, BlackCat, Bots, Aaran Leyland and More – SWN #343

SSH Under Attack, IoT Routers, BLE Spam, & Patching a House of Cards – PSW #807

Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood – SWN #342

OracleIV emerges as a ‘Dockerized’ DDoS bot agent

North Korea-linked BlueNoroff’s macOS malware variant targets financial firms