Security researchers at Intezer Labs detected a new Linux malware dubbed "Doki" and a cyber attack that uses a blockchain wallet to generate command and control (C2) domain names.
A new Windows trojan dubbed CStealer attempts to steal passwords from the Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.
Security experts have uncovered an incident that involved the Watchbog cryptomining botnet. Attackers exploited CVE-2018-1000861 to establish a foothold on the victim's network and install Watchbog malware on unpatched systems.
Talos security researchers have developed a new decryption tool that victims could potentially use to recover files locked by PyLocky ransomware.
Security researchers from Anomali Labs have discovered a new malware dubbed "Linux Rabbit" that has targeted Linux servers and Internet-of-Things (IoT) devices in Russia, South Korea, the UK, and the US.
Last week, a worm that spreads via removable drives was used to install a fileless version of the BLADABINDI backdoor. BLADABINDI is notable as a remote access tool (RAT) with multiple backdoor capabilities that is also used for keylogging and DDoS threats.
Talos security researchers have spotted a new family of malware dubbed "GoScanSSH" that compromises internet-facing SSH servers. The malware brute-forces default and weak passwords on SSH systems that allow password-based authentication.
Security researchers discovered a supply chain threat used to distribute a backdoor and multi-stage malware via the legitimate software package CCleaner.