UNC4034 Trojanizing PuTTY
North Korean-based threat actors UNC4034 are using trojanized versions of the PuTTY SSH open-source terminal emulator to install backdoors on victims' devices. The campaign, trying to trick victims into clicking…
Fishpig Backdoored
FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach…
Chinese Threat Actors using numerous Backdoors to steal info
Researcherd discovered, chinese based threat actors dubbed T428, are used specially crafted phishing emails and six different backdoors to break into and then steal confidential data from military and industrial…
Malicious IIS Extensions Backdooring Exchange Servers
Threat actors are exploiting the IIS web servers to install backdoors and steal credentials in their latest campaign. Microsoft 365 Defender Research Team has revealed hackers are now using Microsoft’s…
CloudMensis ! A New macOS backdoor
Security researchers have found a new macOS backdoor dubbed CloudMensis being used in targeted attacks to steal sensitive information from victims. The threat exclusively uses public cloud storage services to…
Rozena Backdoor distributed through Follina Bug
Reearchers seen a phishing campaign that is making use of Follina security vulnerability to distribute the Rozena backdoor on Windows systems. The Rozena backdoor is able to inject a remote shell connection back…
Session Manager Backdooring Microsoft Exchange server
Attackers using a new SessionManager backdoor, which can be used to gain persistent, undetected access to emails and even take over the target organization's infrastructure. Researchers reported the emergence of…
LuoYu employs Man-on-the-side attack to plant backdoor
A sophisticated Chinese APT actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that allows the actor to modify network traffic in-transit to insert malicious payloads LuoYu…