BMT Announcement

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," Proofpoint said. "Additionally, [...]

By |2024-04-11T13:08:40-05:00April 11th, 2024|Categories: BMT Announcement|

Python’s PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, [...]

By |2024-04-11T13:11:07-05:00April 11th, 2024|Categories: BMT Announcement|

‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat [...]

By |2024-04-11T11:57:43-05:00April 10th, 2024|Categories: BMT Announcement|

Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its distributors have experimented with other initial infection vectors," HP [...]

By |2024-04-11T11:55:46-05:00April 10th, 2024|Categories: BMT Announcement|

Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said in a joint analysis published last week, [...]

By |2024-04-08T14:32:35-05:00April 8th, 2024|Categories: BMT Announcement|

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. "Malicious models represent [...]

By |2024-04-08T10:24:18-05:00April 5th, 2024|Categories: BMT Announcement|

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include [...]

By |2024-04-04T13:49:26-05:00April 4th, 2024|Categories: BMT Announcement|
Go to Top