Russian state-sponsored actor Coldriver uses spear phishing attacks to install the Spica backdoor on victim systems.
Tag: backdoor
Malware authors join forces and target organisations with Domino Backdoor
There’s a new ransomware gang in town, stitched together from members of well-known threat creators to push a new kind…
Visitors of tax return e-file service may have downloaded malware
The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript (JS) files these…
Timely patching is good, but sometimes it’s not enough
Ransomware gangs have shown that they can play a long game, so it shouldn’t come as a surprise to learn of…
A week in security (July 25 – July 31)
Last week on Malwarebytes Labs: Stay safe!
IIS extensions are on the rise as backdoors to servers
The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers….
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at…
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
This blog post was authored by Hossein Jazi. The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North…
Signal app insists it’s so private it can’t provide subpoenaed call data
Signal—the private, end-to-end encrypted messaging app that surged in popularity in recent months—once again reminded criminal investigators that it could not…
SolarWinds advanced cyberattack: What happened and what to do now
We learned more about the sophisticated attack first disclosed on December 8 when security firm FireEye reported it had been the…