Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion Spyware distributed through Amazon Appstore BADBOX Botnet Is Back Supply Chain Attack on…
Tag: Security Affairs
US charged Dual Russian and Israeli National as LockBit Ransomware developer
US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the…
BadBox rapidly grows, 190,000 Android devices infected
Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company’s telemetry shows that over 192,000 devices were infected with the BADBOX bot. The botnet includes…
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in…
Sophos fixed critical vulnerabilities in its Firewall product
Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, in its Sophos Firewall solution. The vulnerabilities…
U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the BeyondTrust Privileged Remote Access (PRA)…
Raccoon Infostealer operator sentenced to 60 months in prison
Raccoon Infostealer operator Mark Sokolovsky was sentenced to 60 months in US prison and ordered to pay over $910,000 in restitution. The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of…
Mirai botnet targets SSR devices, Juniper Networks warns
Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Juniper Networks is warning that a Mirai botnet is targeting Session Smart Router (SSR) products with default…
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM
Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and…
CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army
The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 abuses Cloudflare Workers services to target the Ukrainian army with Malware. The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 exploits…