Cybersecurity Experts Uncover New Windows Backdoor Tied to DeathStalker Group Cybersecurity researchers announced on Thursday the discovery of an in-memory Windows backdoor, named “PowerPepper,” linked to a hacker-for-hire collective. This sophisticated malware is capable of executing malicious code remotely and extracting sensitive information from targets across Asia, Europe, and the…
Recent cybersecurity research has uncovered intriguing potential connections between the notorious SolarWinds hack and a previously identified malware strain called Kazuar. Kaspersky’s latest analysis highlights overlapping features that suggest a link between the two malicious software architectures. The SolarWinds incident, disclosed in December 2020, was characterized by its unprecedented scale…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
Recent cybersecurity investigations have revealed a sophisticated cyberespionage campaign attributed to a Chinese-speaking hacking group targeting various government and military institutions in Vietnam. The threat has been tentatively linked to the advanced persistent threat (APT) group known as Cycldek, also recognized as Goblin Panda or Hellsing, notorious for its spear-phishing…
Security experts have raised alarms regarding a series of targeted attacks aimed at unpatched Fortinet VPN devices, impacting industrial enterprises across Europe. These assaults are believed to have facilitated the deployment of a new ransomware variant known as “Cring” within corporate infrastructures. According to a report from cybersecurity firm Kaspersky,…
Hackers Exploit Google Analytics to Steal Credit Card Information from E-commerce Sites Cybersecurity experts have unveiled a serious threat affecting e-commerce platforms, where hackers are leveraging Google Analytics to siphon credit card information from unsuspecting users. This alarming trend was reported by industry leaders, including PerimeterX, Kaspersky, and Sansec, highlighting…
A sophisticated threat actor has been exploiting an evasive Windows rootkit to infiltrate high-profile organizations in Asia and Africa, with activity detected since at least 2018. This malware, dubbed ‘Moriya’, operates as a passive backdoor, allowing attackers to monitor incoming traffic on infected systems and selectively respond to packets intended…
A recent malware campaign has been uncovered, targeting South Korean organizations, specifically attributed to the North Korean hacking group Andariel. This development highlights the ongoing evolution of tactics employed by state-sponsored actors, particularly within the Lazarus Group, which has been consistently adapting its methodologies to enhance operational effectiveness. Kaspersky, a…
Recent investigations by Russian cybersecurity firm Kaspersky have unveiled that a hacking group suspected of having links to Iran has been exploiting instant messaging and VPN applications like Telegram and Psiphon since at least 2015. These tools are being utilized to deploy a Windows remote access trojan (RAT), which can…
