Quad7 botnet targets more SOHO and VPN routers, media servers

September 9, 2024 at 05:30PM

The Quad7 botnet is expanding its operations to target additional SOHO devices with new custom malware for Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers. It is evolving by setting up new staging servers, launching new botnet clusters, employing backdoors and reverse shells, and moving away from SOCKS …

VMware Abused in Recent MITRE Hack for Persistence, Evasion

May 23, 2024 at 10:17AM

MITRE detailed a recent cyberattack where state-sponsored hackers exploited zero-day vulnerabilities to access its NERVE environment. The attackers abused VMware systems for persistence and detection evasion, deploying backdoors and web shells. MITRE identified the threat actor and shared mitigation scripts for other organizations to safeguard their VMware environments. Key takeaways …

Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data

April 10, 2024 at 10:52AM

A new phishing campaign aimed at Microsoft Windows users deploys various malware, including VenomRAT, Remcos RAT, NanoCore RAT, and XWorm. The attackers use phishing emails with malicious attachments to infiltrate systems, aiming to steal critical data and establish persistence. Vigilance, education, and robust cybersecurity measures are crucial for mitigating such …