The data breach that has exposed sensitive health care information of nearly two dozen members of Congress and their families - putting them along with tens of thousands of Washington area residents at risk of identity theft and additional cyberattacks - is apparently the work of a patriotic Russian hacker seeking to inflict damage on U.S. politicians.
A cyber espionage campaign targeting organizations in Russian-occupied regions of Ukraine is using novel malware to steal data, according to Russia-based infosec software vendor Kaspersky. In a report published Tuesday, Kaspersky researchers detailed the infections, which use a PowerShell-based backdoor they've named "PowerMagic" and a previously unknown framework dubbed "CommonMagic" that can steal files from USB devices, take screenshots every three seconds, and send all of this data back to the attacker.
Security researchers have discovered attacks from an advanced threat actor that used "a previously unseen malicious framework" called CommonMagic and a new backdoor called PowerMagic. Both malware pieces have been used since at least September 2021 in operations that continue to this day and target organizations in the administrative, agriculture, and transportation sectors for espionage purposes.
A group monitored as REF2924 by Elastic Security Labs is wielding novel data-stealing malware - an HTTP listener written in C# dubbed Naplistener by the researchers - in attacks against victims operating in southern and southeast Asia. According to a blog post by Elastic senior security research engineer Remco Sprooten, in that region of the world, network-based detection and prevention technologies are the de facto method for securing many environments.
The creator of a Remote Access Trojan (RAT), responsible for compromising more than 10,000 computers, has been arrested by law enforcement in Ukraine. At the time of the arrest, the developer still had real-time access to 600 PCs. According to the announcement, the RAT could tell infected devices to download and upload files, install and uninstall programs, take screenshots, capture sound from microphones, and capture video from cameras.
A severe privacy flaw named 'acropalypse' has also been found to affect the Windows Snipping Tool, allowing people to partially recover content that was edited out of an image. Last week, security researchers David Buchanan and Simon Aarons discovered that a bug in Google Pixel's Markup Tool caused the original image data to be retained even if it was edited or cropped out.