China-linked Webworm APT updates its arsenal with EchoCreep and GraphWorm backdoors
Webworm has shifted from the McRat and Trochilus remote access trojans to lightweight proxy infrastructure and cloud-based C&C mechanisms.
The intrusion chain involved attackers delivering a legitimate executable, a matching .config file, and a malicious DLL designed for sideloading into the trusted process.
The service abused Microsoft Artifact Signing to generate short-term certificates that allowed malware to appear as legitimate software.
The updated malware targets macOS users via fake installers for popular applications including WeChat and Miro.
The upcoming patches will cover Drupal core branches 11.3.x, 11.2.x, 10.6.x, and 10.5.x.
The operation involved law enforcement agencies from 13 countries aiming to dismantle malicious cyber infrastructure and disrupt phishing campaigns.
TencShell is a customized, Go-based command-and-control (C&C) implant based on the open-source Rshell framework.
The company said its investigation found no evidence that customer data, personal information, or customer systems were affected by the incident.
Symantec linked the malware directly to LS-DYNA and Autodyn, two industrial simulation suites widely used for modeling detonations.
Attackers siphoned off more than 36 Bitcoin along with an additional $7 million in other cryptocurrencies.