Symantec’s Threat Hunter Team, a division of Broadcom, has identified a new backdoor threat called Msupedge that exploits a critical PHP vulnerability for remote code execution and uses DNS traffic for communication with a command-and-control server.
Databarracks’ annual Data Health Check survey reveals a rise in cyber insurance uptake and a decrease in claims, attributed to successful ransomware recoveries and stricter insurance evaluations.
Cybersecurity researchers identify new infrastructure associated with financially motivated threat actor FIN7, including IP addresses assigned to Post Ltd and SmartApe in Russia and Estonia, as well as Stark Industries Solutions.
Xeon Sender, a cloud-based tool, is being used by cybercriminals to carry out large-scale SMS spam and phishing campaigns.
Hackers associated with the North Korean government’s Lazarus APT group leveraged a zero-day exploit in Microsoft Windows to deploy a rootkit on targeted systems, prompting Microsoft to release security updates to address the vulnerability.
UULoader malware delivers Gh0st RAT and Mimikatz through deceptive installers, posing significant risks to cryptocurrency wallet users and government services in East Asia.
