How did the attackers manage to outsmart the developer community?
A hidden backdoor was recently discovered in the popular data compression utility XZ Utils, which is widely used on Linux systems. The issue, identified as CVE-2024-3094, allows OpenSSH authentication to be bypassed, which threatens...
The search for the culprit leads to unexpected conclusions.
A hidden backdoor was discovered in the popular xz compression utility, which is widely used in most Linux distributions. This malicious code embedded in the utility package creates a critical threat to the supply chain, potentially...
A backdoor (CVE-2024-3094) was discovered in the XZ Utils package, which includes the liblzma library and utilities for working with compressed data in the ".xz" format. It allows intercepting and modifying data processed by applications associated with the liblzma library. The main target of the...
Are these additional features or a full-fledged spy tool?
ReversingLabs specialists found a suspicious package in the NuGet package manager, presumably aimed at developers using the tools of the Chinese company Bozhon Precision Industry Technology, which specializes in the production of...
The US Department of Justice has accused the two founders of the Tornado Cash cryptocurrency mixer, Roman Storm and Roman Semyonov, of helping criminals (including the North Korean gang Lazarus) launder more than $1 billion in stolen cryptocurrencies. Storm was arrested in Washington, and...
Undetected since 2014, the vulnerability allows devices to be hacked through cookies.
The Ivanti vulnerability, which was disclosed 2 years ago, still causes concern among specialists due to its mysterious origin.
This is a code injection vulnerability, CVE-2021-44529 (CVSS score: 9.8), in the...
Charming Kitten group hunts down the secrets of political experts: how do fake webinars help?
The Middle East has been hit by a new wave of cyberattacks organized by the Iranian hacker group Charming Kitten, also known as APT35, CharmingCypress and Mint Sandstorm. Hackers are using a new...
A botched fix allowed hackers to inject a backdoor into the device's codebase.
Hackers are exploiting an SSRF (Server-Side Request Forgery) vulnerability in Ivanti Connect Secure (ICS), Policy Secure (IPS), and ZTA products to deploy a new DSLog backdoor on vulnerable devices.
Bug...
Applications with the Xamalicious malware have already been installed via Google Play more than 327,000 times.
Analysts from McAfee have identified a new malicious backdoor for Android, called Xamalicious. According to experts, it was developed on the basis of the open mobile...
Hackers use the latest techniques to steal sensitive data.
Indian government agencies and the defense industry have been targeted by a hacker attack that uses phishing and Rust-based malware for intelligence gathering. The campaign, discovered in October 2023 and called Operation RusticWeb, was...
Language properties allow you to integrate into the system and feel at home.
The new phishing campaign uses decoy documents in Word format to deliver malware written in the Nim programming language. Netskope emphasizes that malware written in non-standard languages creates difficulties for...
Microsoft warned about the growth of spyware attacks and gave recommendations on how to protect confidential data.
Microsoft Corporation announced that the Iranian cyber espionage group APT33 (Peach Sandstorm, HOLMIUM, Refined Kitten) uses a new type of malware called FalseFont to attack...
Chinese hackers and their role in increasing global digital risks.
A new report jointly prepared by SentinelOne, PwC and the Microsoft Threat Intelligence team reveals the tactical and targeted intersections between the mysterious APT group Sandman and cybercriminals from China who use a...
APT-C-28 has upgraded its tools, making it even harder to protect valuable data.
Security experts from the 360 Threat Intelligence Center recently identified a new wave of attacks by the North Korean group APT-C-28, also known as ScarCruft and APT37. These attacks targeted government agencies...
The story of how a single email reveals your entire digital life to spies.
IBM X-Force has identified a new malware downloader called WailingCrab (WikiLoader). First documented in August 2023, the virus was used to attack Italian organizations in order to deploy the Ursnif trojan. The TA544...
From phishing to password theft: how the attacks on Russian institutions took place.
Russian institutions from the state and industrial sectors have become victims of a massive cyberattack detected by Kaspersky Lab. Attackers used phishing emails with a malicious archive attached, which...
The DoNot Team has returned to cyberspace with new tools.
Kaspersky Lab specialists have revealed the activity of the DoNot Team group. In particular, they revealed the use of a new .NET-based backdoor called Firebird, which affected only a small number of victims in Pakistan and...
Kaspersky Lab researchers report an updated version of the MATA backdoor, which was discovered during attacks between August 2022 and May 2023 targeting oil and gas companies and the defense industry in Eastern Europe.
During the campaign, targeted phishing emails were used to force victims to...
Cheap set-top boxes are a tool for cybercriminals.
Thousands of owners of cheap Android TV devices are facing an unexpected threat. When buying a set-top box for streaming TV, no one expects that it will be infected with malicious software or start communicating with servers in China when...
The management of the aerospace company hardly praised the man for the mistake made.
North Korean hacker group Lazarus used fake jobs to break into the corporate network of an unnamed aerospace company in Spain, using a previously undocumented backdoor called LightlessCan in the attack.
As...