New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. “WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads,” …

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent …

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads …

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least …

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come …