24 November 2023
Hamas-Linked SysJoker Backdoor Targets Israel
- Researchers identify a Rust-powered variant of SysJoker used by a Hamas-linked threat actor against Israel.
- The malware was rewritten in Rust, indicating significant code changes.
Exposed Kubernetes Secrets in Public Repositories Pose Threat
- Publicly exposed Kubernetes configuration secrets raise concerns for Fortune 500 companies.
- Encoded secrets discovered in public repositories heighten the risk of supply chain attacks.
Konni Group Deploys Russian-Language Malicious Word Docs
- Konni threat group utilizes Russian-language Microsoft Word documents to distribute malware for data harvesting.
- Activity attributed to Konni shares similarities with the North Korean APT43 (Kimsuky) cluster.
WailingCrab Malware Loader Spread via Shipping-Themed Emails
- Malicious emails themed around shipping distribute WailingCrab malware composed of loader, injector, downloader, and backdoor components.
- IBM X-Force researchers detail the sophisticated structure of the malware.
Mirai-Based Botnet Exploits Zero-Days in Routers and NVRs for DDoS
- Active malware campaign exploits zero-day vulnerabilities in routers and video recorders, forming a Mirai-based DDoS botnet.
- Malicious payload targets devices with default admin credentials, installing Mirai variants upon successful compromise.