The attack chain involves renaming legitimate files, injecting malicious code, and leveraging DLL sideloading to ultimately deploy the Quasar RAT payload, highlighting the sophistication of the attack.
A recent report from WithSecure has highlighted a surge in DarkGate malware infection attempts. Multiple Vietnamese threat groups have been found to deploy info-stealer campaigns using Malware-as-a-Service (MaaS), homing in on specific sectors or groups. Their modus operandi displays notable similarities, with recurring themes in lures and delivery methods.
The cyberattack caused outages in the company’s phone service, building connectivity, and online services, impacting customers’ ability to pay bills and file claims online.
The vulnerability, tracked as CVE-2023-20273, allows for privilege escalation through the Web UI. It has been used alongside another vulnerability, CVE-2023-20198, in an exploit chain to deploy a malicious implant.
The vulnerabilities, which have been patched in version 2023.2.1, could be exploited by remote unauthenticated attackers to execute arbitrary code in the context of SYSTEM.
The campaign involves various types of malware, including cryptominers and keyloggers, and primarily targets enterprises that provide business-to-business (B2B) products and services.
Cultivating a strong cybersecurity culture and empowering employees to make informed security decisions is crucial for SMBs to protect themselves and gain customer trust.
The Play ransomware group has threatened Associated Wholesale Grocers (AWG) with a cyberattack, stating their intention to release sensitive data stolen from the firm on October 22, 2023.
The workers used false identities to secure remote IT jobs and funneled their earnings to North Korea, while also infiltrating and stealing information from the companies they worked for.
India’s Central Bureau of Investigation (CBI) conducted raids at 76 locations across the country as part of Operation Chakra-II, targeting cybercrime operations involved in tech support scams and cryptocurrency fraud.