Day

March 8, 2022
SockDetour Backdoor Malware US Defense Contractors APT Tilted Temple

SockDetour backdoor compromised US-based defense contractors

An elusive custom backdoor called SockDetour has been seen targeting US-based defense contractors. Researchers claimed that the malware used by the threat actors to target the contractors had been actively operating for three years. The SockDetour backdoor is linked with an advanced persistent threat campaign known as TiltedTemple or DEV-0322. Four defense contractors were...
Hackers Remote Access Software Phishing Campaigns Email VNC noVNC Evilginx2

Hackers used remote access software for phishing campaigns

A new phishing technique enables threat actors to bypass multi-factor authentication (MFA) by discreetly having targets log into their accounts on an attacker-operated server via remote access software. Based on reports, a researcher performed a penetration test for an organisation and accidentally found phishing activity on the...
HermeticWiper Malware Cyberattack Ukraine Russia WhisperGate Data Infiltration

HermeticWiper malware utilised to attack Ukraine amidst national crisis

Before Russia attacked Ukraine, researchers discovered that a decoy of the GoLang ransomware accompanied the HermeticWiper malware being deployed on the country’s servers. Security experts explained that as the data wiper attacks were executed against Ukraine, the decoy ransomware was also deployed to target Ukrainian organisations using scheduled tasks by the threat actors....
Iranian Hackers Malware Middle East GRAMDOOR STARWHALE Spear Phishing Telegram

Iranian hackers used two new malware to target the Middle East

State-sponsored hackers from Iran have been operating two new malware threats called GRAMDOOR and STARWHALE to target unknown Middle Eastern entities and governments. The Iranian hackers first used the malware, which consists of simple backdoor functionality, in November last year. Studies revealed that the recent attacks against Middle Eastern entities could be associated with UNC3313....