Active Threats
New ‘PowerDrop’ PowerShell Malware Targets U.S. Aerospace Industry
[ Posted: 2023-06-06 ]
A new PowerShell malware called "PowerDrop" specifically targets the U.S. aerospace defense industry. The cybersecurity firm Adlumin found a sample of this malware in the network of a defense contractor in the U.S. PowerDrop uses PowerShell and Windows Management Instrumentation (WMI) to establish a persistent remote access trojan (RAT) within the compromised networks. The tactics employed by the malware fall somewhere between "off-the-shelf" malware and sophisticated advanced persistent threat (APT) techniques. Based on the timing and targets of the attacks, it is highly probable that the perpetrator behind the malware is a state-sponsored entity.
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
[ Posted: 2023-06-06 ]
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. "The threat actor behind this [ransomware-as-a-service] promotes its offering on forums," Uptycs said in a new report. "There it requests a share of profits from those engaging in malicious activities using its malware." The Go-based stealer, for its part, is designed to target Windows and Linux systems, capturing details such as operating system information, computer name, number of processes, and files of interest matching specific extensions.
Google Fixes New Chrome Zero-Day Flaw With Exploit in the Wild
[ Posted: 2023-06-06 ]
Yesterday, Google released security updates to address a zero-day flaw in its Chrome web browser. Tracked as CVE-2023-3079, the bug has been assessed as a high-severity issue and is a type confusion flaw in the Chrome V8 JavaScript engine. Type confusion bugs arise when the engine misinterprets the type of an object during runtime, potentially leading to malicious memory manipulation and arbitrary code execution.
Iowa Reports Third Big Vendor Breach This Year
[ Posted: 2023-06-06 ]
The state government of Iowa has recently reported its third major health data breach since April, all involving third-party vendors. The most recent breach occurred at dental health insurer MCNA Insurance Co., with the Iowa Department of Health and Human Services disclosing that hackers compromised the protected health information of nearly 234,000 Iowa residents.
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors
[ Posted: 2023-06-06 ]
VMware’s Carbon Black Managed Detection and Response (MDR) team saw a surge in TrueBot activity in May 2023. TrueBot is a botnet that has been active since 2017 and is linked to the Silence group, a cybercriminal group known for targeting banks and financial institutions, in addition to the education sector. According to VMware’s MDR team, TrueBot has been under active development by Silence, with the latest versions now leveraging a Netwrix vulnerability (CVE-2022-31199, CVSS score: 9.8) as a delivery vector.