Iranian Hackers Exploiting VMware RCE Bug to Deploy ‘Core Impact’ Backdoor
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy...
Tagged: Backdoor
Application Security / Cloud Security / Cyberwarfare / Data Protection / Disaster Recovery / Email Security / Endpoint Security / Identity & Access / Incident Response / Malware / Network Security / NEWS & INDUSTRY / Phishing / Risk Management / Virus & Malware / Vulnerabilities
‘Serpent’ Backdoor Used in Malware Attacks on French Entities
French organizations in the construction, government, and real estate sectors have been targeted with a new backdoor in a string of malware attacks, according...
New Backdoor Targets French Entities via Open-Source Package Installer
Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey...
Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail
Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks...
Application Security / Cloud Security / Data Protection / Email Security / Endpoint Security / Identity & Access / Incident Response / Malware / Network Security / NEWS & INDUSTRY / Phishing / Risk Management / Security Architecture / Virus & Malware / Vulnerabilities
Symantec: Super-Stealthy ‘Daxin’ Backdoor Linked to Chinese Threat Actor
Threat hunters at Symantec are calling global attention to a new, highly sophisticated piece of malware being used by a Chinese threat actor to...
New “SockDetour” Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal...
SockDetour backdoor used in attacks on defense contractors, says Unit 42
Researchers at Palo Alto Network’s Unit 42 said they discovered a tool — named SockDetour — that serves as a backup backdoor in case...
Chinese Researchers Detail Linux Backdoor of NSA-Linked Equation Group
A team of researchers from China’s Pangu Lab on Wednesday published a 50-page report detailing a piece of Linux malware allegedly used against many...
Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike
Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike...
Iranian Hackers Using New Marlin Backdoor in ‘Out to Sea’ Espionage Campaign
An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part...