The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries, threat intelligence firm Group-IB warns.
Russian APT Gamaredon Changes Tactics in Attacks Targeting Ukraine
Russia-linked Gamaredon, a hacking group known for providing services to other advanced persistent threat (APT) actors, is one of the most intrusive, continuously active APTs targeting Ukraine, Palo Alto Networks’ Unit 42 warns.
Ukraine’s Delta Military Intelligence Program Targeted by Hackers
New ‘RisePro’ Infostealer Increasingly Popular Among Cybercriminals
A recently identified information stealer named ‘RisePro’ is being distributed by pay-per-install malware downloader service ‘PrivateLoader’, cyberthreat firm Flashpoint reports.
Written in C++, RisePro harvests potentially sensitive information from the compromised machines and then attempts to exfiltrate it as logs.
FoxIt Patches Code Execution Flaws in PDF Tools
Foxit Software has rolled out a critical-severity patch to cover a dangerous remote code execution flaw in its flagship PDF Reader and PDF Editor products.
Malicious PyPI Module Poses as SentinelOne SDK
Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.
Glupteba Botnet Still Active Despite Google’s Disruption Efforts
An analysis conducted by OT and IoT cybersecurity firm Nozomi Networks shows that the Glupteba botnet is still active following Google’s efforts to disrupt the cybercrime operation.
US Food Companies Warned of BEC Attacks Stealing Food Product Shipments
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising alarm on business email compromise (BEC) attacks leading to the theft of shipments of food products and ingredients.
Chinese Cyberspies Targeted Japanese Political Entities Ahead of Elections
A Chinese cyberespionage group known as MirrorFace has been observed targeting Japanese political entities ahead of the House of Councillors election in July 2022.
Believed to have ties with APT10, MirrorFace is known for the targeting of academic institutions, defense-related firms, diplomatic organizations, media companies, and think tanks in Japan.
CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two flaws affecting Veeam’s Backup & Replication product to its Known Exploited Vulnerabilities Catalog.