AhnLab Security Intelligence Center discovered that attackers exploited the WSUS flaw to gain access to servers, using PowerCat for a shell and deploying ShadowPad via certutil and curl.
More environments could be covertly targeted by versions 4 and 5 of the Python-based XillenStealer malware, which has been strengthened to become an extensive data harvesting platform, reports GBHackers News.
Novel RadzaRat Android trojan examined Android devices could be clandestinely subjected to keylogging, remote file management, and surveillance through the novel RadzaRat trojan, which spoofs a legitimate file manager app, according to Cybernews.
BleepingComputer reports that attacks spreading the newly discovered BadAudio malware have been launched by the China-nexus APT24 threat group as part of a three-year cyberespionage campaign aimed at Windows systems.
The Sturnus trojan, identified by Dutch cybersecurity firm ThreatFabric, is designed to steal banking credentials through convincing fake login screens and gain remote control over infected devices.
In the security news: Cloudflare was down, it was not good, Logitech breached, The largest data breach in history?, Fortinet Fortiweb - the saga continues, Hacking Linux through your malware scanner, oh the irony, I never stopped hating systemd, The ASUS exploit that never existed, If iRobot fails, can we deploy our own hacker bot army?, Threat act...
