A .NET banking Trojan named Coyote has been identified as a threat to Brazilian financial institutions. It uses a unique execution chain involving the abuse of legitimate software to harvest user financial information.
DodgeBox deploys MoonWalk backdoor as a DAT file post-execution. The backdoor shares evasion techniques with DodgeBox and uses Google Drive for command-and-control communication.
This new set of packages, consisting of approximately 60 packages and 290 versions, showcases a more sophisticated approach compared to earlier attacks revealed in October 2023, according to ReversingLabs.
Security researchers have identified a critical vulnerability affecting over 1.5 million Exim email servers, making them vulnerable to attacks that can deliver executable attachments to user accounts.
JAXA was targeted with zero-day exploits during its investigation with Microsoft into a 2023 cyberattack. The attack mainly affected its Active Directory system, prompting JAXA to shut down networks to prevent data compromise.
The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.
The attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents.
FIN7, a cybercrime group responsible for billions in losses, was dismantled by U.S. authorities in 2023. However, they resurfaced in 2024 with Stark Industries Solutions, hosting thousands of fake websites mimicking renowned companies.
The PHP vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, allows attackers to execute commands on Windows systems using Chinese and Japanese language settings.
Ransomware gangs are now creating custom data-stealing malware instead of just encrypting files. Mature crime organizations are investing in bespoke data theft tools, according to a Cisco Talos report on the top 14 ransomware groups.