Tag

#backdoor

Chinese Hackers Target Government Officials in Europe, South America and Middle East

A Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX. Cybersecurity firm Secureworks said it identified the intrusions in June and July 2022, once again demonstrating the adversary's continued focus on espionage against governments around the world. "PlugX is

The Hacker News
CVE-2022-3129: Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/arbitrary_file_upload.md at main · KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities

A vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872.

Backdoor.Win32.Hupigon.aspg MVID-2022-0634 Unquoted Service Path

Backdoor.Win32.Hupigon.aspg malware suffers from an unquoted service path vulnerability.

Backdoor.Win32.Winshell.5_0 MVID-2022-0633 Hardcoded Credential

Backdoor.Win32.Winshell.5_0 malware suffers from a hardcoded credential vulnerability.

Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game

APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.

North Korean Hackers Deploying New MagicRAT Malware in Targeted Campaigns

The prolific North Korean nation-state actor known as the Lazarus Group has been linked to a new remote access trojan called MagicRAT. The previously unknown piece of malware is said to have been deployed in victim networks that had been initially breached via successful exploitation of internet-facing VMware Horizon servers, Cisco Talos said in a report shared with The Hacker News. "While being

Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools

The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including a program that hides scripts in .PNG images.

TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks

What the under-the-hood details of a newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.

Worok Hackers Target High-Profile Asian Companies and Governments

High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020. "Worok's toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C# loader PNGLoad that uses steganography to extract hidden malicious payloads from PNG files," ESET

TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks

Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505. "The group frequently changes its malware attack strategies in response to global cybercrime trends," Swiss cybersecurity firm PRODAFT said in a report shared with The Hacker News. "It opportunistically adopts new technologies in order