Dark Reading

Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets

The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in ...
The Hacker News

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
Cybernews

North Korean hackers build “shiny new” macOS malware, but get hacked themselves

North Korean hackers developed a new macOS malware kit, but were disrupted by a security researcher who exploited ...
SecurityWeek

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

Used in attacks against energy and utilities organizations, Lotus Wiper can overwrite drivers, delete files, and cripple ...
News9Live on MSN

Mustang Panda linked New LOTUSLITE malware now targets Indian banks: Report

A new LOTUSLITE malware campaign is targeting India’s banking sector using phishing files and trusted tools. Researchers say ...
The Hacker News

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Updated LOTUSLITE targets India banking sector via CHM and DLL side-loading, expanding espionage campaign to South Korea and ...
Arabian Post

Trusted Intel tool turned against banks

A legitimate Intel storage utility has been repurposed in a highly targeted malware campaign that uses a little-known. NET mechanism to run hostile code inside a signed executable, giving attackers a ...
Infosecurity Magazine

Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection

Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim ...
TidBITS

Shutting Down SlackBITS After Impersonation-Based Malware Attack

A convincing impersonation of TidBITS contributor Glenn Fleishman on our public Slack group fooled an experienced IT ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...