New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America

,

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020.
« Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim’s mailbox, » Cisco Talos researcher Chetan Raghuprasad 

,

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020.
« Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim’s mailbox, » Cisco Talos researcher Chetan Raghuprasad 

, ,
https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html

The Importance of Managing Your Data Security Posture

The Importance of Managing Your Data Security Posture,

Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? 
Data security posture management (DSPM) became mainstream following the publication

,

Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? 
Data security posture management (DSPM) became mainstream following the publication

, ,
https://thehackernews.com/2023/06/the-importance-of-managing-your-data.html

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering,

The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals.
Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of « basic machine enumeration and command execution via PowerShell or Goroutines. »
What the malware lacks in

,

The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals.
Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of « basic machine enumeration and command execution via PowerShell or Goroutines. »
What the malware lacks in

, ,
https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

,

U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors.
The « sustained information gathering efforts » have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (

,

U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors.
The « sustained information gathering efforts » have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (

, ,
https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited,

A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems.
The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL injection vulnerability that could lead to escalated privileges and potential unauthorized access to the environment.
« An SQL injection

,

A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems.
The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL injection vulnerability that could lead to escalated privileges and potential unauthorized access to the environment.
« An SQL injection

, ,
https://thehackernews.com/2023/06/moveit-transfer-under-attack-zero-day.html

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks,

An analysis of the « evasive and tenacious » malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day.
What’s more, 50% of the servers don’t remain active for more than a week, indicating the use of an adaptable and dynamic C2 infrastructure, Lumen Black Lotus Labs said in a report shared with The Hacker News.
« This botnet has adapted

,

An analysis of the « evasive and tenacious » malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day.
What’s more, 50% of the servers don’t remain active for more than a week, indicating the use of an adaptable and dynamic C2 infrastructure, Lumen Black Lotus Labs said in a report shared with The Hacker News.
« This botnet has adapted

, ,
https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware,

A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019.
« The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data, » Kaspersky said.
The Russian

,

A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019.
« The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data, » Kaspersky said.
The Russian

, ,
https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin,

Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group.
According to Menlo Security, which pieced together the information from different online sources, « Nguyen Huu Tai, who also goes by the names Joe Nguyen and Thanh Nguyen, has the strongest likelihood of being involved with the XE Group. »
XE

,

Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group.
According to Menlo Security, which pieced together the information from different online sources, « Nguyen Huu Tai, who also goes by the names Joe Nguyen and Thanh Nguyen, has the strongest likelihood of being involved with the XE Group. »
XE

, ,
https://thehackernews.com/2023/06/unmasking-xe-group-experts-reveal.html

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection,

Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package

,

Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package

, ,
https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html

How Wazuh Improves IT Hygiene for Cyber Security Resilience

How Wazuh Improves IT Hygiene for Cyber Security Resilience,

IT hygiene is a security best practice that ensures that digital assets in an organization’s environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in an environment.
As technology advances and the tools used by

,

IT hygiene is a security best practice that ensures that digital assets in an organization’s environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in an environment.
As technology advances and the tools used by

, ,
https://thehackernews.com/2023/06/how-wazuh-improves-it-hygiene-for-cyber.html