CyberArk

December 23, 2023 A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. “Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers’ unfamiliarity can hamper their investigation,” Netskope researchers Ghanashyam Satpathy and Jan Michael Alcantara&nbsp …

Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware Read More »

December 23, 2023 The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. “The threat actor targets Ukrainian employees working for companies outside of Ukraine,” cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 was first …

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware Read More »

December 23, 2023 Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, …

Microsoft Warns of New ‘FalseFont’ Backdoor Targeting the Defense Sector Read More »

December 22, 2023 A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an “add-on feature” and that it depends on the licensing options opted by a customer. “In 2021, Predator spyware couldn’t survive a reboot on the infected Android system (it had …

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware Read More »

December 22, 2023 Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. “Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while …

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication Read More »

December 22, 2023 A new piece of JavaScript malware has been observed attempting to steal users’ online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user …

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide Read More »

December 22, 2023 John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial …

Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices Read More »

December 22, 2023 German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to “tens of thousands of users.” The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023, the Federal Criminal Police Office (BKA) …

German Authorities Dismantle Dark Web Hub ‘Kingdom Market’ in Global Operation Read More »

December 22, 2023 Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability …

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware Read More »