Thousands of Linux servers infected with Ebury malware

Thousands of Linux servers are still infected with Ebury, a malware that has been stealing information for decades and was believed to be extinct. Ebury is a sophisticated malware designed to compromise Linux-based systems, especially servers. It is a type of malware that operates as a backdoor and steals credentials, allowing …

Android malware poses as major apps to steal data, spoofing Google, Instagram and WhatsApp

Several malicious Android apps have been detected posing as some of the platform's most popular tools, but anyone who installs the scam apps could have their login credentials or other highly confidential information stolen from their device. A report from cybersecurity researchers SonicWall Capture Labs …

Malware attacks on Docker Hub spread millions of malicious repositories

Cybersecurity researchers from JFrog recently discovered three malicious campaigns in Docker Hub – Docker’s cloud-based registry service for storing and sharing container images. These campaigns contained millions of repositories that pushed generic trojan malware to the developers. The conclusion of JFrog’s findings is that with open-source repositories such as Docker Hub, keeping them clean of …

Millions of devices still connect to this dangerous malware, despite the creators ditching it years ago

Millions of devices are still connected to the PlugX malware, despite its creators abandoning it months ago, experts have warned. Cybersecurity analysts Sekoia managed to obtain the IP address associated with the malware’s command & control (C2) server, and observed connection requests over a six-month period. During the course of the analysis, infected endpoints attempted …

Antivirus updates hijacked to drop dangerous malware

Imagine if your antivirus program infected your computer with malware – that’s exactly what happened to some eScan antivirus users recently. A new report from Avast has explained how a threat actor, possibly of North Korean affiliation, used a vulnerability in the antivirus program to sideload a backdoor called GuptiMiner. Apparently, after obtaining an adversary-in-the-middle …

TP-Link routers are still being bombarded with botnet and malware threats

More than a year after a patch was released, hackers are still competing to compromise vulnerable TP-Link Wi-Fi routers. A report from Fortinet claims half a dozen botnet operators are scanning for vulnerable TP-Link Archer AX21 (AX1800) routers after cybersecurity researchers discovered a high-severity unauthenticated command injection flaw in the endpoints early last year. The …

Hackers are loading SVG files with multi-stage malware in new phishing attack

A sophisticated new phishing attack was spotted in the wild, leveraging a wide variety of tools to bypass antivirus protections and ultimately deliver different Remote Access Trojan (RAT) malware. According to cybersecurity researchers at Fortinet, an unidentified threat actor was seen sending phishing emails, stating a shipment has been delivered, and attaching an invoice. This …

Visa warns dangerous new malware is attacking financial firms

Visa is warning its partners, clients, and customers of an ongoing phishing attack that aims to deliver a banking trojan. The Visa Payment Fraud Disruption (PDF) unit sent out a security alert to card issuers, processors, and acquirers, noting it had observed a new phishing campaign that started in late March this year. The campaign …

This previously unknown malware has some crafty tricks for avoiding antivirus

Cybersecurity researchers from Trend Micro have uncovered a brand new piece of malware that uses an unusual method of hiding from antivirus programs. The malware is called UNAPIMON, and is apparently being used by Winnti, an established Chinese state-sponsored threat actor that was behind some of the most devastating attacks against governments, hardware and software …

Stay alert — this dangerous Android malware is pretending to be a McAfee security tool

A new version of a known Android banking trojan is making rounds on the internet, stealing sensitive data, and possibly even money, from its victims. Cybersecurity researchers from NCC Group’s Fox-IT sounded the alarm of a new, upgraded version of the Vultur banking trojan, first spotted in early 2021 but having received a number of …