Cloud-y Linux Malware Rains on Apache, Docker, Redis & Confluence

March 6, 2024 at 05:39PM

Researchers have detected a cyber campaign targeting vulnerable cloud servers running Apache Hadoop, Atlassian Confluence, Docker, and Redis. The attackers deploy a cryptomining tool and a Linux-based reverse shell for potential future targeting. The campaign, known as Spinning YARN, exploits known vulnerabilities and misconfigurations, with tactics overlapping with threat groups …

New Threat Actor ‘AeroBlade’ Emerges in Espionage Attack on U.S. Aerospace

December 5, 2023 at 03:12AM

A new cyber threat, AeroBlade, targeted a U.S. aerospace company in a suspected espionage attempt. The BlackBerry team identified the attack, which utilized spear-phishing, remote template injection, and a malicious VBA macro. Attacks started in September 2022 and became more stealthy over time, culminating in July 2023 with a reverse …

New AeroBlade hackers target aerospace sector in the U.S.

December 4, 2023 at 10:01AM

BlackBerry uncovered ‘AeroBlade’, a new hacking group targeting the U.S. aerospace sector. Using spear-phishing attacks, AeroBlade deployed reverse-shell payloads for data theft, focusing on cyber espionage. The threat evolved from testing in 2022 to sophisticated attacks in 2023, with unknown origins and objectives speculated to be selling or leveraging stolen …

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

November 3, 2023 at 09:42AM

48 malicious npm packages containing obfuscated JavaScript have been discovered in the npm repository. These packages, uploaded by an npm user named hktalent, can deploy a reverse shell on compromised systems. The attack is triggered post-installation, establishing a reverse shell to rsh.51pwn[.]com. This highlights the increasing interest of threat actors …