#RemoteAccessAttack

Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses

by

February 14, 2024 at 07:15AM Infamous malware loader Bumblebee resurfaces in a new phishing campaign targeting organizations in the U.S. Proofpoint warned about voicemail-themed lures leading to Word files with VBA macros launching PowerShell commands to execute Bumblebee. The attack chain relies on macro-enabled documents, coinciding with reappearance of new variants of QakBot, ZLoader, and … Read more

Novel backdoor persists even after critical Confluence vulnerability is patched

by

November 14, 2023 at 06:03AM A new backdoor has been discovered in organizations’ environments, exploiting a critical vulnerability in Atlassian Confluence. The backdoor allows attackers remote access to a victim’s Confluence server and other network resources. It persists even after Confluence patches are applied. The malware responsible, called Effluence, is difficult to detect. Organizations are … Read more