Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since Read more…

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May Read more…

Cryptocurrency Mining and Proxyjacking

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking Oct 03, 2024Ravie LakshmananLinux / Malware Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and Read more…

Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers

Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers

Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol Read more…