Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub
The authors of a dangerous malware sample targeting millions of routers and Internet of Things (IoT) devices have uploaded its source code to GitHub, meaning other criminals can now quickly spin up new variants of the tool or use it as is, in their own attack campaigns. Researchers at AT&T Alien Labs first spotted the malware last November and named it "BotenaGo." The malware is written in Go - a programming language that has become quite popular among malware authors. READ MORE...
Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users
Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second (Tbps) distributed denial of service (DDoS) attack targeting an Azure customer from Asia in November. Two more large size attacks followed this in December, also targeting Asian Azure customers, a 3.25 Tbps UDP attack on ports 80 and 443 and a 2.55 Tbps UDP flood on port 443. READ MORE...
Russian APT29 hackers' stealthy malware undetected for years
EXCLUSIVE: Hackers associated with the Russian Federation Foreign Intelligence Service (SVR) continued their incursions on networks of multiple organizations after the SolarWinds supply-chain compromise using two recently discovered sophisticated threats. The malicious implants are a variant of the GoldMax backdoor for Linux systems and a completely new malware family that cybersecurity company CrowdStrike now tracks as TrailBlazer. READ MORE...
Sophisticated Threat Actor Targets Governments, Defense Industry in Western Asia
High-ranking government officials and individuals in the defense industry in Western Asia were targeted in a sophisticated campaign that involved the use of Graphite malware, according to XDR firm Trellix, which resulted from the merger between McAfee Enterprise and FireEye. The campaign was carried out between October and November last year and split into multiple stages to evade detection. READ MORE...
REvil Ransomware Operations Apparently Unaffected by Recent Arrests
The REvil (Sodinokibi) ransomware cooperative's activity has not slowed down following Russia's recent move to arrest several alleged members of the group, according to threat intelligence company ReversingLabs. Two weeks have passed since Russia's law enforcement agency FSB announced the takedown of the REvil group "at the request of US authorities," but the ransomware-as-a-service (RaaS) enterprise remains as active as before. READ MORE...
Android malware can factory-reset phones after draining bank accounts
A banking-fraud trojan that has been targeting Android users for three years has been updated to create even more grief. Besides draining bank accounts, the trojan can now activate a kill switch that performs a factory reset and wipes infected devices clean. Brata was first documented in a post from security firm Kaspersky, which reported that the Android malware had been circulating since at least January 2019. READ MORE...
New FluBot and TeaBot campaigns target Android devices worldwide
New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania. The SMS topics used for spreading the FluBot malware include fake courier messages, "Is this you in this video?" coaxes, phony browser updates, and fake voicemail notifications. READ MORE...
VMware Warns of Log4j Attacks Targeting Horizon Servers
VMware is urging customers to patch their VMware Horizon instances as these systems have been targeted in a recent wave of attacks exploiting the Log4Shell vulnerability. Tracked as CVE-2021-44228, the security flaw was identified in early December 2021 in the Apache Log4j logging utility, and has since been exploited in attacks by both cybercriminals and state-sponsored threat actors. READ MORE...
- ...in 1888, the National Geographic Society is founded.
- ...in 1959, former Cincinnati Bengals wide receiver and TV sports commentator Cris Collinsworth is born in Dayton, OH.
- ...in 1969, stand-up comedian and actor Patton Oswalt ("Ratatouille", "A.P. Bio") is born in Portsmouth, VA.
- ...in 1973, the Paris Peace Accords are signed, officially ending US involvement in Vietnam.
