backdoor
Microsoft Exchange admins advised to expand antivirus scanning
After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those …
Defenders on high alert as backdoor attacks become more common
Although ransomware‘s share of incidents declined only slightly from 2021 to 2022, defenders were more successful detecting and preventing ransomware, according to IBM. …
Attackers use novel technique, malware to compromise hypervisors and virtual machines
Unknown attackers wielding novel specialized malware have managed to compromise VMware ESXi hypervisors and guest Linux and Windows virtual machines, Mandiant threat analysts …
Linux variant of the SideWalk backdoor discovered
ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. Commands with different …
CloudMensis backdoor spies on users of compromised Macs
ESET researchers discovered CloudMensis, a macOS backdoor that spies on users of compromised Macs and uses public cloud storage services to communicate back and forth with its …
Researchers unearth highly evasive “parasitic” Linux malware
Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What …
Attackers employ novel methods to backdoor French organizations
An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …
A new multi-platform backdoor is leveraged by an advanced threat actor
A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. “In the Linux and macOS versions, it masquerades as a …
It takes less than one hour to exploit vulnerable container infrastructure
Aqua Security published a research revealing a continued rise in cyberattacks targeting container infrastructure and supply chains, and showing that it can now take less than …
How data manipulation could be used to trick fraud detection algorithms on e-commerce sites
As the marketing of almost every advanced cybersecurity product will tell you, artificial intelligence is already being used in many products and services that secure …
Encryption is either secure or it’s not – there is no middle ground
The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any …
Attackers tried to insert backdoor into PHP source code
The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility