Tag
#backdoor
A deep dive into securing containerized environments and understanding how they present unique security challenges.
A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29 (aka Cozy Bear), with some set of the activities associated with the crew assigned the moniker Nobelium (
The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets.
The sophisticated Bumblebee downloader is being used in ongoing email-borne attacks that could lead to ransomware infections.
At least five APTs are believed to be involved with attacks tied to ground campaigns and designed to damage Ukraine's digital infrastructure.
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET assessed that "
The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
Backdoor.Win32.Agent.aegg malware suffers from a hardcoded credential vulnerability.
Backdoor.Win32.GF.j malware suffers from a remote command execution vulnerability.
Backdoor.Win32.Cafeini.b malware suffers from a man-in-the-middle vulnerability.