malware Archives - Securezoo

Shutterfly targeted with ransomware attack

Cybersecurity Attacks, Malware / By Frank Crast / December 27, 2021 December 27, 2021

California-based photography and image sharing company Shutterfly LLC has been targeted in a ransomware attack.

Tags: Conti, Cyberattack, malware, Ransomware

EwDoor Botnet attacking AT&T network edge devices

Cybersecurity Attacks, Network Security, Vulnerabilities & Exploits / By Frank Crast / December 1, 2021 December 1, 2021

An attacker has been targeting unpatched AT&T network edge devices via a brand new botnet dubbed EwDoor.

Tags: AT&T, CVE-2017-6079, DDoS, Edge, EdgeMarc, EwDoor, malware, Network

Squirrelwaffle uses Office docs to infect victim systems with CobaltStrike

Malware / By Frank Crast / November 13, 2021 November 13, 2021

Researchers have discovered a new malware threat dubbed “Squirrelwaffle” that uses Microsoft Office documents to infect victim systems with CobaltStrike.

Tags: CobaltStrike, malware, Squirrelwaffle

Embedded malware discovered in NPM package ua-parser-js

Application Security, Malware, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / October 27, 2021 October 27, 2021

Embedded malware has been discovered in an NPM package ua-parser-js, a popular JavaScript library designed to detect browser, engine, OS, CPU, and device type/model from User-Agent data.

Tags: JavaScript, malware, NPM, ua-parser-js, User-Agent

BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 23, 2021 October 23, 2021

BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, to include two U.S. Food and Agriculture Sector organizations.

Tags: BlackMatter, CISA, FBI, malware, NSA, RaaS

Trickbot tops most popular malware in September 2021

Malware, Vulnerabilities & Exploits / By Frank Crast / October 11, 2021 October 11, 2021

Check Point Research has revealed that Trickbot is once again the most popular malware, according to a Global Threat Index report for September 2021. A remote access trojan, njRAT, was also added to the top 10 report for first time ever.

Tags: Agent Tesla, Floxif, Formbook, Glupteba, malware, njRAT, Ramnit, Remcos, Tofsee, Trickbot, XMRig

FontOnLake malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / October 11, 2021 October 11, 2021

A previously unknown malware family dubbed FontOnLake is targeting Linux systems. The malware is made up of “custom and well-designed modules.”

Tags: Boost, C/C++, C2, ESET, FrontOnLake, Linux, malware, Poco, Protobuf, Trojan

Microsoft: Nobelium cybergang deploys FoggyWeb backdoor to target AD FS servers

Cybersecurity Attacks, Malware / By Frank Crast / September 28, 2021 September 28, 2021

Microsoft has warned that Nobelium threat actors are using a new backdoor malware dubbed FoggWeb to target Active Directory Federation Services (AD FS) servers.

Tags: Active Directory, AD FS, backdoor, Cyberattack, FoggyWeb, malware, Microsoft, Nobelium

Sidewalk backdoor linked to Grayfly espionage group

Cybercrime, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / September 13, 2021 September 13, 2021

Researchers have recently discovered the Sidewalk modular backdoor has been linked to a Chinese Grayfly espionage group.

Tags: backdoor, C2, ESET, espionage, Exchange, Grayfly, malware, shellcode, Sidewalk

Babuk ransomware: Soon to be targeting VMware and *nix systems?

Cybersecurity Attacks, Malware / By Frank Crast / August 1, 2021 August 1, 2021

Cybercriminals behind Babuk ransomware announced in an underground forum that they are developing malware targeting Linux/UNIX and VMware ESXi systems.

Tags: ESXi, Golang, Linux, malware, Ransomware