October 12, 2023 at 04:59PM A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a malware associated with information theft, keylogging, cryptocurrency mining, and ransomware. The campaign targets organizations in the Americas, and the developer of DarkGate is advertising it on underground forums and leasing it out as a service … Read more
October 12, 2023 at 10:55AM A WordPress backdoor that disguises itself as a legitimate plugin has been discovered by security firm Defiant. The backdoor can run as a plugin and perform various functions, including creating an admin account and serving malicious content based on specific filters. It can also be operated remotely by the threat … Read more
October 12, 2023 at 08:59AM Shadow PC, a cloud gaming service, has notified customers of a data breach resulting from a social engineering attack on an employee. An info-stealer malware was used to steal customer data, including names, email addresses, dates of birth, billing addresses, and credit card expiration dates. Shadow has revoked the stolen … Read more
October 10, 2023 at 09:54AM A new zero-day vulnerability called ‘HTTP/2 Rapid Reset’ has been exploited by malicious actors to launch massive distributed denial-of-service (DDoS) attacks. Cloudflare, Google, and AWS have all experienced record-breaking attacks, with the largest reaching 398 million requests per second. The attacks leverage a feature in the HTTP/2 protocol and have … Read more
October 10, 2023 at 07:00AM A previously unknown threat actor named Grayling has been identified as the culprit behind a series of cyberattacks on organizations in Taiwan, including manufacturing, IT, and biomedical sectors. Symantec’s Threat Hunter Team discovered the attacks, which began in February and utilized a distinct DLL side-loading technique to deploy payloads. The … Read more