Organizations in the government, real estate, telecommunications, retail, and other sectors across the U.S., Africa, and the Middle East have been subjected to intrusions under the new CL-STA-0002 threat cluster.
BBC News reports that customers of major online travel agency Booking.com in the U.S., UK, and other parts of the world have been impacted by fraud following a social engineering attack that involved the deployment of the Vidar information-stealing malware.
Threat actors have begun leveraging the critical Apache ActiveMQ vulnerability, tracked as CVE-2023-46604, to facilitate the distribution of the Golang-based GoTitan botnet and PrCtrl Rat, a .NET program, as well as the Sliver, Kinsing, and Ddostf malware strains, Hackread reports.
North Korea's Lazarus Group has leveraged the backdoored PDF reader app SwiftLoader used in the RustBucket campaign to facilitate the deployment of the KANDYKORN macOS malware in a bid to better evade detection, according to The Hacker News.
More advanced attack techniques are being exhibited by the WildCard advanced persistent threat operation, which has targeted Israel for the past eight years, amid the ongoing war between Israel and Palestinian militant group Hamas, CyberScoop reports.
Persistent updates have been made by the TA544 threat operation, also known as Zeus Panda and Bamboo Spider, to the advanced malware loader WailingCrab, also known as WikiLoader, to enhance stealth in attacks mainly facilitated by shipping-themed emails, The Hacker News reports.