We found an internet of things (IoT) Mirai botnet downloader exploiting CVE-2020-5902 in the wild, two weeks after getting a 10 out of 10 CVSS rating in its disclosure. Analyzing the said variant, it can also abuse nine other recently discovered security bugs in other devices.
Read More
We have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware and Kaiji DDoS malware. While the XORDDoS attack infiltrated the Docker server to infect all the containers hosted on it, the Kaiji attack deploys its own container that will contain its DDoS malware.
Read More
We found two malware files that pose as Zoom app installers. One of the samples installs a backdoor that allows malicious actors to run routines remotely, while the other sample involves the installation of the Devil Shadow botnet in devices.
Read More
We found new details on the tools and techniques the Momentum botnet is currently using to compromise devices and perform distributed denial-of-service (DDoS) attacks, and propagate with numerous exploits.
Read More
The threat group APT33 is known to target the oil and aviation industries aggressively. Our recent findings show that the group uses about a dozen live Command and Control (C&C) servers for extremely narrow targeted malware campaigns against organizations in the Middle East, the U.S., and Asia.
Read More