New Purple Fox version includes Rootkit and implements wormable propagation

Researchers from Guardicore have spotted a new variant of the Purple Fox Windows malware that implements worm-like propagation capabilities. Researchers from Guardicore have discovered a new version of the Purple Fox Windows malware that implements worm-like propagation capabilities.Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails. Previous versions of […]

The post New Purple Fox version includes Rootkit and implements wormable propagation appeared first on Security Affairs.

2021-03-29T02:52:58-04:00March 29th, 2021|Latest Cyber Attacks, Malware|

New ZHtrap botnet uses honeypot to find more victims

Netlab 360 experts discovered a new Mirai-based botnet dubbed ZHtrap that implements honeypot to find more victims. Researchers from Netlab 360 discovered a new Mirai-based botnet dubbed ZHtrap that implements honeypot to find more victims. ZHtrap propagates using four vulnerabilities, experts pointed out that the botnet mainly used to conduct DDoS attacks and scanning activities, […]

The post New ZHtrap botnet uses honeypot to find more victims appeared first on Security Affairs.

2021-03-17T11:11:13-04:00March 17th, 2021|Latest Cyber Attacks, Malware|

Gootkit delivery platform Gootloader used to deliver additional payloads

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost […]

The post Gootkit delivery platform Gootloader used to deliver additional payloads appeared first on Security Affairs.

2021-03-01T18:15:13-05:00March 1st, 2021|Latest Cyber Attacks, Malware|

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day […]

The post Airplane manufacturer Bombardier has disclosed a security breach, data leaked online appeared first on Security Affairs.

2021-02-26T18:09:31-05:00February 24th, 2021|Latest Cyber Attacks, Malware|

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]

The post FIN11 cybercrime group is behind recent wave of attacks on FTA servers appeared first on Security Affairs.

2021-02-26T18:09:31-05:00February 23rd, 2021|Latest Cyber Attacks, Malware|
Go to Top