Constantly Evolving MoonPeak RAT Linked to North Korean Spying

The malware is a customized variant of the powerful open source XenoRAT information-stealing malware often deployed by Kimsuky and other DPRK APTs.

darkreading

Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.

Security | TechRepublic

CrowdStrike 2024 report exposes North Korea’s covert workforce in U.S. tech firms

In April 2024, CrowdStrike Services responded to the first of several incidents in which North Korea’s FAMOUS CHOLLIMA malicious insiders targeted U.S. firms

Security News | VentureBeat

NGate Android Malware Relays NFC Traffic to Steal Credit Card Data

This malware allows attackers to emulate victims’ cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023.

Cyware News – Latest Cyber News

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.

“This memory-only dropper decrypts and executes a PowerShell-based downloader,” Google-owned Mandiant said. “This PowerShell-based downloader is being tracked as PEAKLIGHT.”

Some of

The Hacker News

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold

These vulnerabilities pose risks to organizations using outdated versions, allowing unauthorized access to sensitive data and privilege escalation through SQL Injection techniques.

Cyware News – Latest Cyber News

Qilin Ransomware Caught Stealing Credentials Stored in Google Chrome

A recent Qilin ransomware attack targeted several endpoints, stealing VPN credentials and Chrome browser data. This attack, detected in July 2024, involved network access through compromised VPN credentials without multi-factor authentication.

Cyware News – Latest Cyber News

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability

SonicWall has released an urgent patch to address a critical vulnerability (CVE-2024-40766) in SonicOS, which could allow unauthorized access to their firewalls. The vulnerability could lead to system compromise and network disruption.

Cyware News – Latest Cyber News

PG_MEM Malware Targets PostgreSQL Databases for Crypto Mining

Cryptojacking attackers are targeting poorly secured PostgreSQL databases on Linux systems. According to Aqua Security researchers, the attack begins with brute-force attempts to gain access to the database credentials.

Cyware News – Latest Cyber News

Kanister Vulnerability Opens Door to Cluster-Level Privilege Escalation

Exploiting this flaw, attackers can manipulate daemonsets, create service account tokens, and impersonate high-privilege accounts like cluster-admin. This could lead to a complete cluster takeover.

Cyware News – Latest Cyber News