Chinese state-sponsored APT41 used new dropper in attacks on Mongolia, Russia and U.S.
Dropper can download other malware from a remote command-and-control server, exfiltrate sensitive data, and even delete itself from the compromised system.
Macsteel representatives said that the company’s systems "returned back to normal" within two business days of the breach and no critical information was affected.
Previously, the malware was mainly spread through spam emails, but in a recent campaign Raccoon has been delivered via cracked software.
Over the past few years, numerous attacks were observed targeting misconfigured Kubernetes installs.
Besides its traditional bot and mining activities, the malware comes with a variety of functionalities allowing it to steal credentials, remove security controls, spread via emails, move laterally, etc.
The attacks involved the exploitation of Microsoft Exchange Server vulnerabilities, the deployment of the China Chopper web shell, and the use of Mimikatz to collect credentials.
The official website for booking COVID-19 vaccinations was unavailable for several hours on Sunday, preventing citizens from booking appointments for a coronavirus vaccine.
Dubbed GhostEmperor, the threat actor has been observed using a never-before-seen Windows kernel-mode rootkit.
Researchers discovered more than 30 command-and-control servers under the control of APT29 that were delivering WellMess.
The hackers are believed to have had access to compromised accounts from approximately May 7 to December 27, 2020.