SecureTeam

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

A newly discovered rootkit known as “Snapekit” has emerged, posing a significant risk to users of Arch Linux systems, particularly those running the 6.10.2-arch1-1 kernel. According to reports from multiple cybersecurity researchers, Snapekit is a highly sophisticated rootkit that exploits 21 system calls, enabling it to operate stealthily while avoiding detection. Its ability to remain […]

Latest Snapekit Rootkit Poses Threat to Arch Linux Users Read More »

Malware Attacks Target Zyxel End-Of-Life Routers

News, Vulnerabilities / Ian Reynolds

A five-year-old vulnerability is currently being exploited in Zyxel P660HN-T1A routers to introduce a Gafgyt malware variant onto target networks. An outbreak alert has been issued by Fortinet to inform users that this end-of-life router running versions before 7.3.15.0 v001/ 3.40 (ULM.0)b31 is being actively targeted in the wild. Zyxel published a security advisory back

Malware Attacks Target Zyxel End-Of-Life Routers Read More »

Unpatched Redis Servers Targeted by P2P Malware

News, Vulnerabilities / Ian Reynolds

A peer-to-peer (P2P) worm known as P2PInfect has been discovered by security researchers at Unit42 to be actively targeting Windows and Linux based Redis servers. Redis is an open-source database application used in cloud environments. This Rust-based worm targets publicly communicating internet-exposed cloud-based servers by exploiting a flaw that is over a year old. There

Unpatched Redis Servers Targeted by P2P Malware Read More »

OpenSSH Cryptomining Attacks on Linux and IoTs

Information Assurance, News / Ian Reynolds

Internet-facing Linux-based systems and Internet of Things (IoT) devices are being targeted in a recent attack that uses a patched version of OpenSSH to take over the devices and install cryptomining malware. Cryptomining involves the solving of complex mathematical problems to verify the payments carried out in cryptocurrency transactions, and creating new cryptocurrency tokens

OpenSSH Cryptomining Attacks on Linux and IoTs Read More »

New Botnet Campaign uses Critical Ruckus Flaw

Articles, Information Assurance / Ian Reynolds

Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This botnet is known as AndoryuBot due to the filename ‘Andoryu’ being used for the malware installed in this attack. It was first seen in attacks

New Botnet Campaign uses Critical Ruckus Flaw Read More »

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

Articles, Information Assurance / Ian Reynolds

EvilExtractor is an info stealer malware tool designed for data theft attacks on Windows operating systems. Researchers at Fortinet’s threat research group FortiGuard Labs have published an analysis of this tool detailing the attack method for this malware, and its impact on its victims. The research concluded that although there are no specific industries targeted

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer Read More »

NCSC Warn of Jaguar Tooth Malware on Cisco Routers

News, Vulnerabilities / Ian Reynolds

Unpatched Cisco IOS routers are being targeted by Russian state-backed threat actor APT28 to deploy ‘Jaguar Tooth’ malware by exploiting a vulnerability from 2017. The National Cyber Security Centre (NCSC) have published a malware analysis report investigating this non-persistent malware recently seen to be infecting Cisco IOS routers using firmware C5350-IS-M version 12.3(6). A joint

NCSC Warn of Jaguar Tooth Malware on Cisco Routers Read More »

Fake ChatGPT Installs Windows and Android Malware

News / Ian Reynolds

Threat actors are using the name and image associated with ChatGPT to distribute malware through phishing sites, social media pages, and malicious Android applications. ChatGPT is a well-known AI chatbot run by OpenAI and has reported more than 100 million users in January 2023, only 3 months after its initial launch. The high volume of

Fake ChatGPT Installs Windows and Android Malware Read More »

Google Ads Spread Detection Evading Malware

Articles, Information Assurance / Ian Reynolds

Cyber criminals are abusing the Google Ads system to spread malware in what is known as ‘malvertising’ attacks. As the Google Ads display first before the search results, victims can be conned into clicking onto a fake site when searching for software via Google’s search engine. The malicious websites are designed to impersonate legitimate websites,

Google Ads Spread Detection Evading Malware Read More »

Microsoft OneNote Attachments Malware Campaign

News / Ian Reynolds

A malware campaign using the Qbot (aka QakBot) banking trojan has been identified in the wild that is spread through malicious Microsoft OneNote .one attachments. This malware campaign has been referred to as ‘QakNote’ due to the trojan used and the method of using Microsoft OneNote files. It has been observed by security researchers at

Microsoft OneNote Attachments Malware Campaign Read More »

malware

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

Malware Attacks Target Zyxel End-Of-Life Routers

Unpatched Redis Servers Targeted by P2P Malware

OpenSSH Cryptomining Attacks on Linux and IoTs

New Botnet Campaign uses Critical Ruckus Flaw

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

NCSC Warn of Jaguar Tooth Malware on Cisco Routers

Fake ChatGPT Installs Windows and Android Malware

Google Ads Spread Detection Evading Malware

Microsoft OneNote Attachments Malware Campaign

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch