RedLine Stealer malware is the key source for data collection across underground...

Free trial versions of WinRAR 5.70 consisted of a Remote Code Execution (RCE) vu...

Recently discovered NPM malware poses as a legitimate Javascript library but lau...

Russia

Redline Infostealer

Amigoes

RedLine Stealer malware responsible for stealing majority of the credentials

RedLine Stealer malware is the key source for data collection across underground forums; it collects usernames, passwords, cookies, and payment card information and puts it up for sale online. ...

22-Oct-2021

3 min read

RCE

WinRAR

Two years old version of WinRAR detected with RCE Vulnerability tracked as CVE-2...

Free trial versions of WinRAR 5.70 consisted of a Remote Code Execution (RCE) vulnerability that allowed an attacker to intercept and modify requests; it has since been patched......

22-Oct-2021

4 min read

Cryptomining

NPM

Javascript

NPM Packages disguise as Javascript libraries to launch Cryptominers

Recently discovered NPM malware poses as a legitimate Javascript library but launches cryptocurrency miners in Windows, macOS, & Linux machines. ...

21-Oct-2021

2 min read

Cookie Stealer

YouTube

Phishing

YouTubers at stake, following the discovery of two years old Phishing campaign, ...

Google TAG discloses a two-year-old phishing campaign actively targeting the channels of YouTube creators using a cookie stealing malware, later sold to the highest bidder or used for cryptocurrency scams......

21-Oct-2021

3 min read

Intel SGX

SmashEx

Intel SGX vulnerable to a new 'SmashEx' Attack that leads to privilege escalatio...

Intel SGX vulnerability can be exploited with a new 'SmashEx' attack that allows privilege escalation and discloses arbitrary memory in enclaves......

21-Oct-2021

2 min read

XSLeak Vulnerability

Slack

Slack has no plans to patch the exploitable XSLeak Vulnerability to de-anonymize...

Slack's XSLeak vulnerability in its file-sharing functionality can allow threat actors to de-anonymize workspace members; Slack does not plan to release a fix for it... ...

20-Oct-2021

2 min read

FlawedGrace

TA505

RAT

TA505 resurfaces with new tools to deliver updated FlawedGrace RAT

TA505 campaigns have returned to distributing tens to hundreds of thousands malicious emails targetting German-speaking countries, now uses additional loaders to deliver the FlawedGrace RAT......

20-Oct-2021

5 min read

Botnet

PurpleFox

WebSocket

PurpleFox deploys new backdoor that leverages WebSockets for C&C communication

PurpleFox botnet now has an updated arsenal with a new backdoor that uses WebSockets for C&C communication...

20-Oct-2021

3 min read

NEMTY

KARMA

NEFILM

Karma Ransomware, a newly evolving group derived from NEMTY

Analysis by Sentinel labs observed that KARMA Ransomware Group has similarities with other malware families such as NEMTY & JSWorm...

19-Oct-2021

3 min read

Argentina

RENAPER

Data Breach

RENAPER database breached by threat actors, intends to publicize over the intern...

Argentinian Government Database that stores the ID card details of citizens has been stolen following a data breach and currently being sold online over private portals... ...

19-Oct-2021

2 min read