Penetration Testing

APRIL 4, 2024

Researchers at FortiGuard Labs have uncovered the inner workings of Byakugan, a versatile malware strain employing a mix of legitimate and malicious components to steal sensitive user data while flying under the radar.

Penetration Testing 124

Penetration Testing Malware 124

Penetration Testing

MAY 9, 2024

FIN7’s campaign targets users with malicious websites disguised as... The post FIN7 Hackers Using Signed Malware and Fake Google Ads to Evade Defenses appeared first on Penetration Testing.

Penetration Testing 131

Penetration Testing Malware Cybercrime 131

Penetration Testing

MARCH 24, 2024

Researchers at Unit 42 have uncovered a major new attack campaign deploying an updated version of the StrelaStealer malware.

Penetration Testing 139

Penetration Testing Malware 139

Penetration Testing

JUNE 2, 2024

A new in-depth analysis by Krasimir Konov, malware analyst... The post Telegram: The Dark Horse of Website Malware Attacks appeared first on Penetration Testing.

Malware 119

Malware Penetration Testing 119

Penetration Testing

APRIL 25, 2024

ThreatFabric has unveiled a sophisticated new Android malware strain named “Brokewell.” The... The post Alert: “Brokewell” Malware – New Threat Targets Bank Users with Remote Device Takeover appeared first on Penetration Testing.

Banking 126

Banking Penetration Testing Malware 126

Penetration Testing

FEBRUARY 7, 2024

A new menace has been detected by security researcher @Yogesh Londhe: the DotStealer malware.

Malware 132

Malware Penetration Testing 132

Penetration Testing

MARCH 11, 2024

A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights.

Passwords 131

Passwords Penetration Testing Malware Risk 131

The Hacker News

SEPTEMBER 27, 2024

Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming.

Penetration Testing 108

Penetration Testing Ransomware Technology Malware 108

Penetration Testing

MARCH 24, 2024

In a striking revelation, the cybersecurity world has been alerted to a novel and sophisticated cyber espionage campaign orchestrated by APT29, a notorious threat group believed to be operating under the auspices of Russia’s... The post APT29 Strikes German Politics with WINELOADER Malware Assault appeared first on Penetration Testing. (..)

Penetration Testing 124

Penetration Testing Malware Cybersecurity 124

Penetration Testing

NOVEMBER 17, 2024

Operated by a Vietnamese-speaking threat actor, this campaign leverages a... The post PXA Stealer: New Malware Targets Governments and Education Across Europe and Asia appeared first on Cybersecurity News.

Education 94

Education Government Malware Cybersecurity 94

The Last Watchdog

MARCH 24, 2025

eWPTX – a highly respected certification that is 100% practical and validates the advanced skills necessary to conduct in-depth penetration tests on modern web applications. For example, network defense and malware analysis labs show engineers how to contain ransomware outbreaks.

Healthcare 113

Healthcare Penetration Testing Education Cyber threats 113

Penetration Testing

APRIL 2, 2024

In a report, Check Point Research (CPR) has lifted the veil of anonymity surrounding two cybercrime actors responsible for recent Agent Tesla malware campaigns.

Cybercrime 141

Cybercrime Penetration Testing Malware 141

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 298

DNS Penetration Testing Malware Hacking 298

IT Security Guru

JANUARY 30, 2025

Malware Infections Malware is simply dangerous programs installed on devices through suspicious downloads or links. Ransomware This is malware that locks a platforms systems or personal files until a ransom is paid to regain access.

Cyber Risk 96

Cyber Risk Risk Penetration Testing Accountability 96

Penetration Testing

MARCH 17, 2024

Fujitsu, the Japanese multinational technology giant, has revealed a data breach resulting from a malware infection within its corporate network.

Data breaches 144

Data breaches Penetration Testing Malware Technology 144

Penetration Testing

APRIL 5, 2024

A cunning new malware campaign is targeting your online stores with an insidious twist. Magento merchants, brace yourselves.

Penetration Testing 131

Penetration Testing Malware 131

Security Affairs

JANUARY 1, 2024

Subsequently, other malware integrated the exploit, including Rhadamanthys, Risepro, Meduza , Stealc Stealer and recently the White Snake. The researchers discovered that the malware targets Chrome’s token_service table of WebData to extract tokens and account IDs of chrome profiles logged in. ” continues the report.

Malware 145

Malware Penetration Testing Passwords Encryption 145

Penetration Testing

MARCH 4, 2024

The attack begins with a malicious PDF, downloads a ZIP file, and employs DLL side-loading for malware execution.... ... The post Warning: CHAVECLOAK Trojan Targets Brazil, Steals Your Banking Credentials appeared first on Penetration Testing.

Banking 138

Banking Penetration Testing Malware 138

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 350

Cybercrime VPN Malware Ransomware 350

Penetration Testing

DECEMBER 16, 2024

Unit 42 has uncovered HeartCrypt, a Packer-as-a-Service (PaaS) designed to protect malware from detection. Since its launch in February 2024, HeartCrypt has rapidly become a popular choice among cybercriminals, packing... The post HeartCrypt: A Packer-as-a-Service Fueling Malware Campaigns appeared first on Cybersecurity News.

Malware 60

Malware Cybersecurity 60

Penetration Testing

NOVEMBER 4, 2024

In a recent report by the National Cyber Security Centre (NCSC), analysts detailed a new malware threat targeting network devices, dubbed “Pygmy Goat.” This backdoor malware, discovered on Sophos XG... The post Pygmy Goat Malware: A Sophisticated Network Device Backdoor Targets Firewalls appeared first on Cybersecurity News.

Firewall 70

Firewall Malware Cybersecurity 70

Penetration Testing

NOVEMBER 3, 2024

This campaign, discovered on October 31, 2024, aims to... The post Typosquat Campaign Targets Puppeteer Users: Researcher Warns of Malware in npm Packages appeared first on Cybersecurity News.

Malware 70

Malware Cryptocurrency Cybersecurity 70

Penetration Testing

DECEMBER 20, 2024

Wiz Threat Research revealed a new malware campaign orchestrated by the Romanian-speaking threat group Diicot, also known as Mexals.

Malware 60

Malware Cybersecurity 60

Penetration Testing

DECEMBER 21, 2024

Kaspersky has uncovered a fresh variant of the BellaCiao malware familyBellaCPPmarking a shift from.NET to C++ in its development. First appearing in April 2023, BellaCiao is a.NET-based malware... The post From.NET to C++: BellaCiao Malware Evolves with BellaCPP appeared first on Cybersecurity News.

Malware 67

Malware Cybersecurity 67

Penetration Testing

NOVEMBER 10, 2024

Kaspersky Labs has unveiled an advanced malware framework, QSC, reportedly deployed by the CloudComputating group (also known as BackdoorDiplomacy).

Malware 60

Malware Architecture Cybersecurity 60

Penetration Testing

NOVEMBER 4, 2024

Google researchers recently released an in-depth analysis of GOOTLOADER, also known as SLOWPOUR or Gootkit Loader, an obfuscated JavaScript downloader, revealing new tactics employed by financially-motivated threat actors to deploy... The post GOOTLOADER Malware Continues to Evolve: Google Researchers Uncover Advanced Tactics appeared first (..)

Malware 80

Malware Cybersecurity 80

Penetration Testing

FEBRUARY 27, 2025

Kaspersky ICS CERT has uncovered a new malware campaign, dubbed “Operation SalmonSlalom,” specifically targeting industrial organizations across the The post Operation SalmonSlalom: New Malware Campaign Targets Industrial Organizations in Asia-Pacific appeared first on Cybersecurity News.

Malware 67

Malware Cybersecurity 67

Penetration Testing

DECEMBER 17, 2024

A new malware campaign, identified as I2PRAT (I2P Remote Access Trojan), is raising the bar for cybercriminals ability to evade detection. Detailed in a report by Banu Ramakrishnan, a Malware... The post New Malware I2PRAT Exploits Anonymous I2P Network for Stealthy Command and Control appeared first on Cybersecurity News.

Malware 64

Malware Cybersecurity 64

Penetration Testing

FEBRUARY 27, 2024

Bitdefender researchers have uncovered a new, stealthy variant of the infamous Atomic Stealer malware specifically targeting macOS users.

Penetration Testing 124

Penetration Testing Cryptocurrency Passwords Malware 124

Penetration Testing

DECEMBER 3, 2024

Trend Micro Research has revealed a significant evolution in the behavior of the Gafgyt malware (also known as Bashlite or Lizkebab), which is now targeting misconfigured Docker Remote API servers....

Malware 64

Malware Cybersecurity 64

Penetration Testing

MARCH 21, 2024

Long known as a cryptor-as-a-service (CaaS), enabling criminals to disguise their malware, AceCryptor has recently... The post AceCryptor Exploited in Multi-Country Attacks, European Businesses Targeted appeared first on Penetration Testing.

Penetration Testing 124

Penetration Testing Malware Cybersecurity 124

Penetration Testing

MAY 20, 2024

The incident response team discovered a sophisticated keylogger embedded in the main page of... The post Keylogger in Microsoft Exchange Server Breaches Government Agencies Worldwide appeared first on Penetration Testing.

Government 145

Government Penetration Testing Technology Malware 145

Penetration Testing

MARCH 27, 2024

This insidious malware employs a range of deceptive tactics, including geographical checks and the installation of... The post Stealthy New Golang Trojan Exploits Fake Certificates for Evasive Communication appeared first on Penetration Testing.

Penetration Testing 122

Penetration Testing Malware 122

Penetration Testing

DECEMBER 7, 2024

The campaign targets Ukrainian entities... The post BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure appeared first on Cybersecurity News.

Malware 58

Malware Cybersecurity 58

Penetration Testing

DECEMBER 22, 2024

The NodeStealer malware, first identified as a JavaScript-based threat, has undergone a transformation into a Python-based infostealer, expanding its capabilities to harvest a broader range of sensitive data.

Malware 131

Malware Cybersecurity 131

Penetration Testing

APRIL 29, 2024

This discovery outlines a critical escalation in cyber... The post Stealthy ‘DarkGate’ Trojan Abuses AutoHotkey, Evades Defender appeared first on Penetration Testing.

Penetration Testing 136

Penetration Testing Cyber threats Malware 136

Penetration Testing

MAY 2, 2024

Those unassuming internet gateways, often overlooked in cybersecurity discussions, have become a prime battleground where criminals and nation-state hackers... The post Compromised Routers: Tool of Choice for Crime & Espionage appeared first on Penetration Testing.

Penetration Testing 135

Penetration Testing Internet Internet Cybersecurity 135