Category Archives: Exploits

Executive Summary The xHunt campaign has been active since at least July 2018 and we have seen this group target Kuwait government and shipping and transportation organizations. Recently, we observed evidence that the threat actors compromised a Microsoft Exchange Server at an organization in Kuwait. We do not have visibility into how the actors gained […]

from threatpost.com A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability. A new version of a known malware campaign aimed at installing cryptominers has changed up its tactics, adding attacks on Windows servers and a new pool of exploits to its bag of tricks. It is also […]

from thehackernews.com With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks’ Unit 42 threat intelligence team, […]

from www.helpnetsecurity.com Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins use for maintenance.” And while they are not the initial entrance point in […]

from www.securityweek.com A newly identified piece of malware is being distributed embedded in tax payment software that some businesses operating in China are required to install. Dubbed GoldenSpy, the malware was observed as part of a campaign that supposedly started in April 2020, but some of the identified samples suggest the threat has been around […]