Europol: Emotet malware will uninstall itself on March 25th

Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. Today, Europol announced the disruption of the infamous Emotet email spamming botnet used to distribute malicious Word spam attachments that install malware such as TrickBot and Qbot. These attacks usually lead to the full …

Misconfigured Docker Servers Under Attack by Xanthe Malware

Researchers have discovered a Monero cryptomining botnet they call Xanthe, which has been exploiting incorrectly configured Docker API installations in order to infect Linux systems. Xanthe was first discovered in a campaign that employed a multi-modular botnet, as well as a payload that is a variant of the XMRig Monero cryptocurrency miner. Researchers said that …

Schneider Electric published a security advisory on Drovorub Linux Malware

Schneider Electric is warning customers of the Drovorub Linux malware that was also analyzed recently by the NSA and the FBI. Schneider Electric published a security bulletin to warn customers of the Drovorub Linux malware, which was analyzed in a joint alert published in August by the NSA and the FBI. According to the US …

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in restaurant and hospitality sectors. The …

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool …