News

New Russian malware Kapeka discovered
B2B Cyber Security ShortNews

The security experts at WithSecure have exposed Kapeka. The new malware appears to have ties to the Russian hacker group Sandworm. Several factors clearly indicate that the development and use of the malware are related to the Russia-Ukraine war: the timing, the locations, and the likely connection to the Russian Sandworm group. Threat intelligence researchers at WithSecure™ (formerly F-Secure Business) have discovered a novel malware that has been used in attacks on targets in Central and Eastern Europe since at least mid-2022. The malware, called Kapeka, can be linked to a group called Sandworm. Sandworm...

XZ vulnerability: free XZ backdoor scanner
Bitdefender_News

Bitdefender Labs offers a free scanner that companies can use to check their IT systems for the CVE-2024-3094 vulnerability in the widely used data compression library XZ Utils, which became known on March 29, 2024. The free Bitdefender XZ Backdoor Scanner specifically searches for this vulnerability. Programmed in Go and initially tested on Fedora, Debian and a Debian container, it offers various advantages: Portability to various Linux systems without additional software installations. Various scanning modes: In the preset fast scan mode, the tool searches for infected systems and focuses on the liblzma library, which the respective SSH daemon…

2023: over 400,000 new malicious files per day
Kaspersky_news

This is just one manufacturer that is on the lookout for new malware around the clock: Kaspersky discovered an average of 411,000 new malicious files per day in 2023; this corresponds to an increase of almost three percent compared to the previous year. More than half (53 percent) of attacks involved malicious Microsoft Office and other types of documents. There has also been a significant increase in backdoor Trojans that can control infected systems - 40,000 discoveries were made every day this year. Kaspersky security solutions discovered an average of 2023 new malicious...

Constant threat of multi-malware attacks
Kaspersky_news

Since April 2023, there have been over 10,000 multi-malware attacks from backdoors, keyloggers and miners on more than 200 companies. In April 2023, the FBI reported on a multi-malware campaign in which cybercriminals attacked companies with miners, keyloggers and backdoors. Kaspersky experts further analyzed the campaign and found that it is still active. The cyberattacks identified by Kaspersky occurred between May and October of this year and primarily targeted government agencies, farms, and wholesale and retail companies. According to Kaspersky telemetry, the more than 10,000 attacks affected over 200 users, the majority...

Camaro Dragon hides backdoor in TP-Link router

Researchers from Check Point Research (CPR) were able to uncover a series of cyberattacks by the Chinese APT group "Camaro Dragon". A modified, malicious firmware for TP-Link routers was discovered, which includes a customized backdoor called "Horse Shell". Recently, Check Point Research (CPR) investigated a series of targeted cyberattacks on European foreign affairs agencies and traced them to a Chinese state-sponsored APT group dubbed the "Camaro Dragon" by CPR. These activities share significant infrastructural overlap with activities publicly associated with "Mustang Panda"...

New Trojan Pikabot
B2B Cyber Security ShortNews

The malicious backdoor Pikabot is modular, with a loader and a core component that implements most of the functionality. A number of anti-analysis techniques are employed, making it difficult to detect malicious activity. The analysis found a similarity to Qakbot in terms of distribution mode, campaigns, and malware behavior, with no indication of whether they are the same malware authors. It is capable of receiving commands from a command-and-control server, which injects any shellcode, DLL, or executable file. Malicious Functionality After…

Infected version of VoIP program 3CX delivers backdoor
Kaspersky_news

Kaspersky experts analyzed the supply chain attack carried out via the popular VoIP program 3CXDesktopApp, which installed an infostealer or backdoor. During the analysis, they found a suspicious dynamic link library (DLL) on one computer, which was loaded into the infected 3CXDesktopApp.exe process. Kaspersky experts launched an investigation into a case related to this DLL on March 21, about a week before the discovery of the supply chain attack. This DLL was used in deployments of the "Gopuram" backdoor and has been observed by Kaspersky since 2020...

Lazarus: New backdoor against targets in Europe 
Eset_News

The APT group Lazarus, known for many attacks, is also using a new backdoor malware against targets in Europe. According to ESET researchers, the intended uses are espionage and data manipulation. The malware researchers at the IT security manufacturer ESET have uncovered a new dangerous malware from the notorious APT (Advanced Persistent Threat) group Lazarus. The increased occurrence in South Korea, the code and the behavior of the backdoor "WinorDLL64" suggest that it is the hacker gang allied with North Korea. However, the backdoor is also used for targeted attacks in the Middle East and Europe. At ESET research facilities…

Backdoor: Chinese hacker group attacks Europe
B2B Cyber Security ShortNews

The Chinese hacker group Mustang Panda is stepping up its attacks on targets in Europe, Australia and Taiwan. Researchers at the IT security manufacturer ESET uncovered a campaign that is currently still running, in which the newly developed backdoor MQsTTang is used. This allows attackers to execute any command on the victim's computer. The focus is on political and state organizations, above all a government institution in Taiwan. Mustang Panda has significantly increased its activities since Russia invaded Ukraine. MQsTTang: Evidence of Rapid Development Cycle MQsTTang is a simple backdoor that allows attackers to…
