News


MoonBounce: Firmware bootkit more elusive and persistent

Kaspersky has discovered the third known case of a UEFI firmware bootkit "in the wild". The MoonBounce bootkit is more elusive and persistent than its predecessors. The campaign is attributed to the well-known Chinese-speaking Advanced Persistent Threat (APT) actor APT41. The malicious implant, dubbed "MoonBounce", hides in the computer's Unified Extensible Firmware Interface (UEFI) firmware, the code that runs before the operating system starts. That firmware is stored in the SPI flash chip on the motherboard, a memory component separate from the hard disk, so the implant survives operating system reinstalls and even disk replacement. Such implants are notoriously difficult to remove and are largely invisible to security products that only inspect the disk and the running OS. UEFI Firmware Bootkit…


Possible successor to Sunburst: Tomiris backdoor
Kaspersky_news

Tomiris backdoor: possibly new activity by the threat actor behind the Sunburst attack. While investigating an as yet unknown Advanced Persistent Threat (APT), Kaspersky researchers identified a new piece of malware with several attributes that potentially indicate a connection to DarkHalo, the threat actor responsible for the Sunburst attack, one of the most impactful supply chain attacks in recent years. The Sunburst incident hit the headlines in December 2020: DarkHalo compromised a well-known enterprise software provider and used its infrastructure to distribute spyware disguised as legitimate software updates. After that, the actor seemed to have disappeared ...


New backdoor component of malware group FIN8 discovered

The financially motivated FIN8 group has opened up another backdoor for targeted attacks with Sardonic. Bitdefender experts discovered the backdoor components during a targeted attack on a US financial organization and named them "Sardonic". FIN8 is thus further expanding its malware arsenal: in the course of a forensic investigation, Bitdefender Labs discovered a new backdoor component in the attack, and the forensic artifacts indicate that the authors are running a larger project under this name, consisting of the new backdoor, its loader and further scripts. The new backdoor opens up the ...


Credit card thieves expand tech portfolio
Bitdefender_News

News alert from Bitdefender: credit card thieves expand their tech portfolio. The FIN8 group has recently started using the BADHATCH backdoor with extended functionality and improved evasion. The cyber criminals of the FIN8 group have expanded the capabilities of the BADHATCH backdoor toolkit and are targeting companies with new variants. Experts at Bitdefender Labs found that the group is active again in several countries after a break of about one and a half years. Retail as well as the hotel and restaurant industry are the likely targets. FIN8 hacker group increasingly active: the FIN8 hacker group has been active since 2016 and ...


Backdoor attacks Oracle's POS system
Eset_News

ESET analysis: the ModPipe backdoor infiltrates targeted Oracle POS systems. The malware targets a popular POS system for restaurants: cyber criminals are attacking Oracle MICROS Restaurant Enterprise Series (RES) 3700 point-of-sale (POS) systems with the ModPipe backdoor. RES 3700 is a widespread management software suite used in hundreds of thousands of catering establishments such as bars, restaurants and hotels. ModPipe has a modular structure and can be flexibly adapted to the target environment. After a successful infection, the attackers gain access to confidential information such as personal data or the operator's transaction data. ESET has published its extensive analysis ...


Analysis results of the Kaspersky Threat Intelligence Portal
Analysis

Many of the links and files submitted to the Kaspersky Threat Intelligence Portal turn out to be Trojans (25 percent), backdoors (24 percent) and Trojan droppers (23 percent). Almost three quarters (72 percent) of the malicious files analyzed after submission via the free version of the Kaspersky Threat Intelligence Portal were Trojans, backdoors or droppers. Analysis of the submitted data also shows that the types of malware researchers investigate most often do not necessarily match the most widespread ones. Detecting malicious activity is only the starting point for ...
