1.3 Million Android TV Boxes Infected by Vo1d Malware

September 13, 2024 at 06:21AM A newly discovered Android malware, Vo1d, has infected 1.3 million TV boxes running older Android versions. The backdoor malware can fetch and install additional software, exploiting system vulnerabilities. It poses as legitimate OS components and targets countries worldwide. Doctor Web suspects attacks via unofficial firmware or intermediate malware. Google has … Read more

Military-themed Email Scam Spreads Malware to Infect Pakistani Users

June 21, 2024 at 09:45AM Cybersecurity researchers have uncovered a new phishing campaign targeting people in Pakistan, utilizing military-themed documents to deploy a custom backdoor called PHANTOM#SPIKE. The unsophisticated campaign’s ZIP file, posing as meeting minutes for a legitimate event, contains a CHM file and an executable backdoor, enabling remote access and command execution. Based … Read more

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

May 24, 2024 at 09:24AM Thousands of computers are at risk of complete takeover due to a backdoor injected into the Justice AV Solutions (JAVS) Viewer v8.3.7 installer distributed from official servers. The backdoor, discovered by Rapid7, provides attackers with full control over affected systems. Rapid7 recommends updating to version 8.3.8 and re-imaging affected endpoints … Read more

Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures

February 13, 2024 at 02:15AM Threat actors are exploiting a security flaw in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor called DSLog. The flaw (CVE-2024-21893) allows access to restricted resources without authentication. Orange Cyberdefense observed attacks targeting an unnamed customer and recommends factory resetting Ivanti devices to prevent continued exploitation. … Read more

WordPress Bug ‘Patch’ Installs Backdoor for Full Site Takeover

December 5, 2023 at 11:21AM Cybercriminals are circulating a bogus WordPress security email, claiming to resolve a fake RCE vulnerability with a “patch” that is actually a backdoor for site hijacking. No infections are reported yet, but users are urged not to install the offered plugin and to be wary of phishing attempts. Meeting Takeaways: … Read more

Fake WordPress security advisory pushes backdoor plugin

December 4, 2023 at 12:19PM WordPress security experts are warning of phishing emails with fake security advisories asking admins to install a malicious plugin, which creates a hidden user and downloads a backdoor to the site, potentially for injecting ads, stealing data, or blackmail. Users are urged to be cautious. **Key Takeaways from Meeting Notes … Read more