Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

TMI Tech: How to Stop Vulnerable Software from 'Oversharing'

Stop chatty apps from oversharing and eliminate a hacker backdoor — train developers on "security first" while subjecting APIs to least-privilege zero-trust policies.

DARKReading
Open in Source
#web#ios#mac#cisco#git#backdoor
North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel

China-Based Billbug APT Infiltrates Certificate Authority

Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.

Researchers Say China State-backed Hackers Breached a Digital Certificate Authority

A suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies located in different countries in Asia as part of an ongoing campaign since at least March 2022. Symantec, by Broadcom Software, linked the attacks to an adversarial group it tracks under the name Billbug, citing the use of tools previously attributed to this actor. The

Backdoor.Win32.RemServ.d MVID-2022-0655 Remote Command Execution

Backdoor.Win32.RemServ.d malware suffers from a remote command execution vulnerability.

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to facilitate information theft. "What is noteworthy is data collection from victims' machines using

The Hunt for the FTX Thieves Has Begun

Mysterious crooks took hundreds of millions of dollars from FTX just as it collapsed. Crypto-tracing blockchain analysis may provide an answer.

Microsoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland

Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat cluster that shares overlaps with the Russian state-sponsored Sandworm group. The attacks, which were disclosed by the tech giant last month, involved a strain of previously undocumented malware called Prestige and is said to have taken place

Threat Source newsletter (Nov. 10, 2022): Vulnerability research, movies in class, and Emotet once again

Welcome to this week’s edition of the Threat Source newsletter. Tuesday was an absolute hammer for the infosec community. Not only did we have the US elections but we had Emotet returning and a regular Microsoft Tuesday release. That release always leads me to think about the bug

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless

Security researchers see updated tactics and tools—and a tempo change—in the cyberattacks Russia’s GRU military intelligence agency is inflicting on Ukraine.