News


Go-based malware loader discovered
B2B Cyber Security ShortNews

A cybersecurity company's research team has identified threat actors using a new Go-based malware downloader in two recent attacks. Arctic Wolf Labs calls it “CherryLoader”. The loader allows attackers to share exploits without recompiling the code. Its icon and name were disguised as the note-taking application CherryTree to deceive victims. The attacks examined used CherryLoader to install PrintSpoofer or JuicyPotatoNG. Both are privilege escalation tools that run a batch file after installation, which allows the attackers to remain on the victim's device. The most important…


MoonBounce: Firmware bootkit more elusive and persistent

Kaspersky has discovered the third case of a UEFI firmware bootkit “in the wild”. The MoonBounce bootkit is more elusive and persistent than its predecessors. The campaign is attributed to the well-known Chinese-speaking Advanced Persistent Threat (APT) actor APT41. Kaspersky security researchers have discovered another firmware bootkit. The malicious implant, dubbed 'MoonBounce', is hidden in the Unified Extensible Firmware Interface (UEFI) firmware, an essential part of computers. The firmware is located in the SPI flash, a memory component outside of the hard disk. Such implants are notoriously difficult to remove and offer limited visibility to security products. UEFI Firmware Bootkit…


Newly discovered: Buer malware dropper
SophosNews

Sophos Rapid Response Team detects new Buer malware. Rapid intervention by specialist teams can protect companies from major damage from cyber attacks. After Sophos officially went live with its Rapid Response Service at the end of October 2020, the security specialists exposed the first known use of the Buer malware dropper to smuggle in ransomware. Sophos Rapid Response made this discovery while defusing a Ryuk ransomware attack that is part of a wave of Ryuk attacks using new tools and techniques. In this incident, the attackers used a new variant of Buer to deliver the Ryuk ransomware.
