BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors


Conclusion: The number of arrival mechanism variations used in BazarLoader campaigns continues to increase as threat actors diversify their attack patterns to evade detection. However, both techniques are noteworthy and still work despite their lack of novelty, owing to the limitations of singular detection technologies. For instance, while the use of compromised installers has been observed with other malware, the large file size can still challenge detection solutions — such as sandboxes — which may implement file…


Groups Target Alibaba ECS Instances for Cryptojacking


We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. By: David Fiser, Alfredo Oliveira. November 15, 2021. It’s been known that threat actors are actively exploiting misconfigured Linux-powered servers, regardless of whether they run on-premises or in the cloud. The compromised devices are mostly used for cryptojacking purposes with the dominance of mining…


This Week in Security News – November 12, 2021


Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read about the 80-country agreement to mobilize safeguards against cyberattacks. Read on: Void Balaur and the Rise of the Cybermercenary Industry: One of the most prolific cybermercenaries is Void Balaur, a Russian-speaking threat actor group that…
