A suspected Chinese-linked cyber espionage campaign dubbed Temp.Periscope has been targeting engineering and maritime industries. FireEye has tracked the activity since 2013 and has observed a spike in campaign activity since early 2018.
Russian government cyber activity has targeted U.S. Government entities, energy and other critical infrastructure sectors. The activity has been ongoing since at least March 2016, according to a US-CERT Technical Alert (TA).
Proofpoint security researchers have found a new Traffic Distribution System (TDS) dubbed BlackTDS for sale on the Dark Web.
Researchers at Kroll Cyber Security have identified a new point-of-sale (POS) malware dubbed PinkKite that has a tiny footprint of just 6K to avoid detection, similar to other POS malware families TinyPOS and AbaddonPOS.
Security researchers from FireEye have spotted an Iranian threat group dubbed "TEMP.Zagros" that is targeting government and defense organizations in Asia and the Middle East.
Microsoft issued its March 2018 Security Updates, which include 75 vulnerability fixes, 15 of them rated critical. The updates address multiple Microsoft products, including Windows, Internet Explorer, Edge, Exchange, Office, Office Services and Web Apps, ChakraCore, PowerShell and Adobe Flash.
McAfee released its Labs Threats Report for Q4 2017. The report includes botnet campaign details regarding the Necurs and Gamut botnets, as well as Dridex banking Trojan and ransomware payloads from GlobeImposter, Locky and Scarab.
A highly sophisticated cyberespionage campaign dubbed Slingshot has been uncovered by Kaspersky security researchers. The campaign compromises MikroTik routers and uses them as a springboard to attack victims' computers, as the company revealed at last week's Kaspersky Security Analyst Summit (SAS).
Security researchers at Imperva have spotted a new generation of cryptojacking attacks dubbed RedisWannaMine that targets Windows database and application servers. The campaign also leverages the leaked NSA exploit EternalBlue to exploit vulnerable Windows systems.
Hackers attacked over 1,400 Apache Solr servers late last month to install a cryptocurrency miner. Researchers say the attack resembles a similar campaign discovered back in January that targeted systems running unpatched Oracle WebLogic software. In that attack, hackers installed a mining rig used to mine Monero cryptocurrency.