New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked Read more…

RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage

RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage

RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older Read more…

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows Read more…

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can Read more…

Malicious PyPI Packages

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines Jan 29, 2024NewsroomPyPI Repository / Malware Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, Read more…