Malware

Vulnerability Management

PKD, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and Jason Wood – SWN #330

October 3, 2023

Minority Report, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and Jason Wood.

Malware

LinkedIn Messaging used by APT to phish aerospace target and plant novel malware

Simon HenderyOctober 2, 2023

Hackers tricked an employee into downloading the previously unseen malware by claiming he was in the running for a job at Meta.

AI benefits/risks

Attackers leverage fraudulent Bing Chat ads to load malware payloads

Steve ZurierSeptember 29, 2023

Malwarebytes Labs researchers say users get tricked into loading malware because the fraudulent ads tend to get better placement than the legitimate search.

Malware

Fake Bitwarden site distributes novel RAT malware

Simon HenderySeptember 27, 2023

An authentic-looking page and an almost genuine URL can be enough to entice users to download malicious software.

Ransomware

ShadowSyndicate suspected of being RaaS affiliate to several ransomware families

Steve ZurierSeptember 26, 2023

Group-IB links suspected ransomware-as-a-service affiliate ShadowSyndicate to Quantam, Nokoyawa and ALPHV ransomware groups.

Transfer files data system relocation with internet cloud technology concept. Person hand using laptop computer waiting for transfer file process with loading bar icon on virtual screen.

Ransomware

Nearly 900 colleges hit by MOVEit hack on National Student Clearinghouse

Steve ZurierSeptember 25, 2023

The National Student Clearinghouse reported that more than 51,000 individuals were impacted by this latest MOVEit incident.

A worker rebuilds a cellular tower with 5G equipment for the Verizon network on November 26, 2019 in Orem, Utah. Based on Sandman’s tactics, techniques and procedures (TTPs), researchers suspect the group is likely espionage-focused and may be a private contractor or mercenary organization tasked with gathering the sensitive data telcos amas...

Malware

New stealthy APT targets telcos across three continents with novel backdoor

Simon HenderySeptember 22, 2023

Dubbed Sandman, the threat group is likely to be a private contractor or mercenary gang focused on espionage.

The FBI and CISA say Snatch, which was first observed in 2018, has targeted a wide range of victim organizations, including many from the food, agriculture, IT, and defense sectors. (Image Credit: Getty Images)

Malware

Feds issue Snatch ransomware warning as gang claims latest victim

Simon HenderySeptember 21, 2023

A joint FBI/CISA advisory highlighting Snatch’s evolving tactics coincided with the group alleging it had compromised the Florida Department of Veterans’ Affairs.

Malware

Related events

EMOTET Exposed: Inside the Cybercriminals’ Supply Chain

Related Videos

Lessons from Ukraine: How cyberwar shapes security at home

Related Perspectives

Why software teams have to change their focus from vulnerabilities to malware

Bad bots are growing in volume and sophistication – here’s what to do about it

Eight ways to guard against botnet attacks on enterprise networks

Briefs

Novel BunnyLoader MaaS threat examined

New Menorah malware bolsters OilRig APT’s cyberespionage efforts

New ASMCrypt malware loader detailed

PKD, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and Jason Wood – SWN #330

LinkedIn Messaging used by APT to phish aerospace target and plant novel malware

Attackers leverage fraudulent Bing Chat ads to load malware payloads

Fake Bitwarden site distributes novel RAT malware

ShadowSyndicate suspected of being RaaS affiliate to several ransomware families

Nearly 900 colleges hit by MOVEit hack on National Student Clearinghouse

New stealthy APT targets telcos across three continents with novel backdoor

Feds issue Snatch ransomware warning as gang claims latest victim