Russian state-sponsored actor Coldriver uses spear phishing attacks to install the Spica backdoor on victim systems.
Tag: backdoor
Malware authors join forces and target organisations with Domino Backdoor
There’s a new ransomware gang in town, stitched together from members of well-known threat creators to push a new kind…
Visitors of tax return e-file service may have downloaded malware
The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript (JS) files these…
Timely patching is good, but sometimes it’s not enough
Ransomware gangs have shown that they can play a long game, so it shouldn’t come as a surprise to learn of…
Malware targets 30 unpatched WordPress plugins
If you make use of plugins on your WordPress site (and you probably do), it’s time to take a good look…
A week in security (July 25 – July 31)
Last week on Malwarebytes Labs: Stay safe!
IIS extensions are on the rise as backdoors to servers
The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers….
APT34 targets Jordan Government using new Saitama backdoor
On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained a…
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at…
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
This blog post was authored by Hossein Jazi. The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North…