Compromised Website Images Camouflage ObliqueRAT Malware
The ObliqueRAT malware is now cloaking its payloads as seemingly innocent image files that are hidden on compromised websites.
Cybersecurity firm Rapid7 revealed that an unauthorized party accessed some of its source code in a security incident linked to the Codecov supply-chain attack. Last month, Codecov disclosed a security incident involving its Bash Uploader script, a tool that provides a framework and language-agnostic method for sending coverage reports to Codecov. The company…
White House Tells Moscow: Take Action, or We ‘Reserve the Right’ to Do So. Mathew J. Schwartz (euroinfosec) • July 8, 2021. The Biden administration has a message for Russia: Rein in the…
Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash. “These remote code execution (RCE) vulnerabilities cover more than 25…
DOJ: Wyatt Travnichek Allegedly Accessed Cleaning and Disinfecting System. Prajeet Nair (@prajeetspeaks) • April 2, 2021. This is the website of the Ellsworth County Rural Water District in Kansas. The facility was targeted in an attack in 2019, according to the Justice Department….
Federal Public Service Interior Investigating Possible Cyberespionage Campaign. Akshaya Asokan (asokan_akshaya) • May 27, 2021. Belgium’s Federal Public Service Interior is investigating a possible cyberespionage campaign. Belgium’s interior ministry, Federal Public Service Interior, is investigating an attack against its network…
Threat actors are targeting mission-critical SAP applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. Over 400,000 orgs worldwide and 92% of Forbes Global 2000 use SAP’s enterprise apps for supply chain management (SCM), enterprise resource planning (ERP), product lifecycle management (PLM), and customer relationship management (CRM). SAP…