As the name suggests, ProxyShellMiner exploits the ProxyShell vulnerabilities CVE-2021-34473 and CVE-2021-34523 in Windows Exchange servers for initial access and compromise of an organization to deliver crypto miners.
The Defense Department’s inspector general found that unsanctioned apps downloaded onto government-issued mobile devices “could pose operational and cybersecurity risks to DOD information and information systems.”
CheckPoint discovered these packages on January 17, 2023, all uploaded to NPM by a user named “trendava.” Following the company’s report, NPM removed them the following day.
Email inboxes of Namecheap subscribers started to receive phishing messages last week in an attempt to dupe them into disclosing personal data or their crypto wallets’ recovery phrases. Scammers impersonated DHL and MetaMask in their campaigns. Namecheap said that their own systems had not been compromised and that the upstream third-party system they employ to […]
The LockBit hacking group that encrypted Royal Mail data sought a $79.4 million ransom from the company, a demand that the postal group’s board appears to have rebuffed, setting the stage for a potential large-scale leak of company information.
The Chinese state-sponsored threat actor DEV-0147 has been spotted targeting diplomatic entities in South America with the ShadowPad remote access Trojan (RAT), also known as PoisonPlug.
The APT37 threat group uses a new evasive ‘M2RAT’ malware and steganography to target individuals for intelligence collection. APT37, aka ‘RedEyes’ or ‘ScarCruft,’ is a North Korean cyber espionage hacking group believed to be state-supported.
The North Korean Lazarus APT group has laundered over $100 million in cryptocurrency since October 2022 through a single new crypto mixer named Sinbad, blockchain analysts have found. Last year, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions against these mixing services. Since then, it is suspected that Lazarus has shifted to […]
Basically, a client sends a request to a server via a compromised data-transfer channel. This channel isn’t controlled by the cybercriminals, but it is “listened to” by them.
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that’s designed to fly under the radar and drop additional payloads onto a compromised host.