Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

Credit to Author: Sunil Bharti| Date: Wed, 21 Sep 2022 00:00:00 +0000

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

Read more

Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm

Credit to Author: Vickie Su| Date: Fri, 02 Sep 2022 00:00:00 +0000

In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities.

Read more

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

Credit to Author: Daniel Lunghi| Date: Fri, 12 Aug 2022 00:00:00 +0000

We found APT group Iron Tiger’s malware compromising chat application Mimi’s servers in a supply chain attack.

Read more

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

Credit to Author: Jaromir Horejsi| Date: Thu, 11 Aug 2022 00:00:00 +0000

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.

Read more

Better Together: AWS and Trend Micro

This post relays the latest threat detection tool innovation of AWS – Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary.

Read more

Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography

Credit to Author: Alfredo Oliveira| Date: Thu, 21 Jul 2022 00:00:00 +0000

In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking.

Read more

Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

Credit to Author: Shingo Matsugaya| Date: Mon, 27 Jun 2022 00:00:00 +0000

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.

Read more