C2 Archives - Securezoo

FontOnLake malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / October 11, 2021 October 11, 2021

A previously unknown malware family dubbed FontOnLake is targeting Linux systems. The malware is made up of “custom and well-designed modules.”

Sidewalk backdoor linked to Grayfly espionage group

Cybercrime, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / September 13, 2021 September 13, 2021

Researchers have recently discovered the Sidewalk modular backdoor has been linked to a Chinese Grayfly espionage group.

Justice Department seizes domains used in Nobelium spear-phishing attacks

Cybersecurity Attacks, Messaging Security, Phishing / By Frank Crast / June 2, 2021 June 2, 2021

The U.S. Justice Department has announced the seizure of domains used in Nobelium spear-phishing attacks previously identified by Microsoft last week.

New macOS malware linked to OceanLotus group

Cybersecurity Attacks, Malware / By Frank Crast / December 1, 2020 December 1, 2020

Security researchers have discovered a new macOS backdoor linked to the OceanLotus hacking group. The new malware variant has added new features such as new behavior and domain names.

SlothfulMedia: new malware variant used by “sophisticated actors”

Malware / By Frank Crast / October 2, 2020 October 2, 2020

Security experts warned of a new malware variant dubbed SlothfulMedia has been used by a “sophisticated cyber actor.”

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks

Cloud Security, Cybersecurity Articles, Cybersecurity Attacks, Malware / By Frank Crast / October 2, 2020 October 2, 2020

Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.

NSA and FBI: watch out for Russian malware Drovorub

Cybersecurity Attacks / By Frank Crast / August 14, 2020 November 2, 2020

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity alert for a new Russian malware dubbed Drovorub.

Doki malware targets exposed Docker servers in the cloud

Cloud Security, Configuration Management, Cybersecurity Attacks / By Frank Crast / July 29, 2020 July 29, 2020

Security researchers at Intezer Labs detected a new Linux malware dubbed “Doki” and cyber attack that uses blockchain wallet for generating command and control (C2) domain names.

CStealer: a new Windows trojan password stealer

Malware, Password Management / By Frank Crast / November 30, 2019 January 25, 2020

A new Windows trojan dubbed CStealer attempts to steal passwords from Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.

Watchbog targets unpatched systems

Malware, Vulnerabilities & Exploits / By Frank Crast / September 13, 2019 August 18, 2020

Security experts have uncovered an incident that involved the Watchbog cryptomining botnet. Attackers exploited CVE-2018-1000861 to establish a foothold on the victim’s network and install Watchbog malware on unpatched systems.