Microsoft Security discovered malicious PDFs that download Java-based StrRAT, which can steal credentials and change file names but doesn’t actually encrypt.
An email campaign is delivering a Java-based remote access trojan (RAT) that can not only steal credentials and take control of systems, but also presents as fake ransomware, Microsoft researchers have discovered.
The Microsoft Security Intelligence (MSI) team has outlined details of a “massive email campaign” delivering the StrRAT malware that they observed last week and reported in a series of tweets earlier this week.
StrRAT is a Java-based remote access tool which steals browser credentials, logs keystrokes and takes remote control of infected systems, all typical behaviors of RATs, MSI researchers described in documentation posted on GitHub about the malware. The RAT also has a module to download an additional payload onto the infected machine based on command-and-contr
The time that attackers stay hidden inside an organization’s networks is shifting, putting pressure on defenders and upping the need to detect and respond to threats in real time.
Cyberattacks have shifted from the usual smash-and-grab type of heists to stealthier campaigns where hackers silently camp out on networks for long periods, stealing anything they can get their hands on. Called attacker dwell time, this is part of an adversarial approach that has become even more popular with hackers when it comes to 2021 ransomware attacks and data breaches.
Consider recent ransomware attacks by cybergangs Ryuk and Maze, where adversaries lurked in the datacenter shadows and within endpoint crevices – collecting counterintelligence, stealing credentials and pushing malware laterally. Only after pilfering all of a company’s digital goods did criminals finally encrypt files and demand a ransom, in what’s be
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r8p0 through r30p0.
Customers panic and question parent company Anker’s security and privacy practices after learning their home videos could be accessed and even controlled by…