The notorious TrickBot malware, renowned for its adaptability, has recently expanded its arsenal to exploit firmware vulnerabilities as a potential means for deploying bootkits and gaining comprehensive control of compromised systems. This new capability, called “TrickBoot,” enables attackers to leverage widely accessible tools to scan devices for recognized weaknesses that…
Cybersecurity Experts Uncover New Windows Backdoor Tied to DeathStalker Group Cybersecurity researchers announced on Thursday the discovery of an in-memory Windows backdoor, named “PowerPepper,” linked to a hacker-for-hire collective. This sophisticated malware is capable of executing malicious code remotely and extracting sensitive information from targets across Asia, Europe, and the…
A sophisticated global phishing operation has been underway since September 2020, targeting entities involved in the distribution of COVID-19 vaccines. According to IBM Security X-Force researchers, these attacks, believed to be orchestrated by a nation-state actor, focus on the vaccine cold chain—the critical supply line managing the storage and transport…
MountLocker Ransomware Expands Its Reach and Tactics A newly evolved ransomware strain, known as MountLocker, has emerged as a potent threat to corporate networks, demonstrating an alarming ability to evade security software while enabling its affiliates to execute double extortion schemes. First identified in July 2020, MountLocker has rapidly gained…
A recent breakthrough in cybersecurity research reveals a significant vulnerability within air-gapped systems, which are designed to be isolated from unsecured networks. Researchers have successfully demonstrated a method for exfiltrating sensitive data using a novel attack called AIR-FI. This technique operates by leveraging electromagnetic emissions from the computer’s DDR SDRAM…
SolarWinds, a Texas-based supplier of enterprise monitoring software, has acknowledged a major cybersecurity incident linked to a compromised version of its Orion products. Up to 18,000 customers, including numerous Fortune 500 companies and U.S. military branches, may have implemented this affected software, raising significant alarm across various sectors. This revelation…
The ongoing investigation into the SolarWinds breach continues to reveal the intricate tactics employed by the attackers who infiltrated the company’s internal systems and manipulated its software update processes. This meticulous and well-coordinated supply chain attack appears to have been in the making since at least October 2019, when the…
The Space Bears ransomware group has announced that it has acquired internal documents from Comcast by taking advantage of a breach at Quasar Inc., a telecommunications engineering firm located in Georgia. This information surfaced on the group’s dark web leak site, which notably lists Quasar as a separate victim, suggesting…
Recent reports reveal a sophisticated supply-chain attack targeting the Vietnam Government Certification Authority (VGCA). This breach involved the manipulation of the agency’s digital signature toolkit, allowing hackers to implant a backdoor into affected systems. The incident was brought to light by Slovak cybersecurity firm ESET, which identified the assault, referred…
