Nexcorium primarily targets video recording boxes for security cameras, particularly TBK DVR-4104 and DVR-4216 models, due to their inherent security weaknesses and infrequent updates.
ZionSiphon employs a combination of common cyberattack techniques, including privilege escalation, persistence mechanisms, and propagation via removable media, according to a report by Darktrace.
BleepingComputer reports that threat operation UAC-0247 was disclosed by Ukraine's Computer Emergency Response Team to have launched attacks with the new AgingFly malware against local governments and healthcare providers across the country last month.
Infosecurity Magazine reports that Android devices across Europe have been subjected to social engineering attacks involving the newly emergent Mirax banking trojan, which features both remote access and residential proxy capabilities, with the malware-as-a-service payload having already targeted over 200,000 accounts belonging to Spanish-speaking users.
A stealthy new Linux backdoor attributed to the APT41 group, also tracked as Winnti, is actively harvesting cloud credentials from major infrastructure providers using an unorthodox SMTP-based communication channel that has successfully evaded widespread detection, according to Cyber Press.
