[ThreatPost] SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

Source: Read More (Threatpost)

You might be interested in …

[HackerNews] The Guide to Automating Security Training for Lean Security Teams

All posts, HackerNews

Cyber threats used to be less threatening. While nobody wants their customers’ credit card numbers stolen in a data breach, or to see a deranged manifesto plastered over their company website, such incidents can almost seem quaint compared to ransomware attacks that bring all of your critical information systems to a dead halt. The frequency […]

Read More

[TheRecord] Researchers find new malware variant after stopping attack on Ukrainian energy provider

Ukrainian officials said they stopped an attack on an energy facility with the help of researchers from ESET and Microsoft.┬áIn the process of stopping the attack, they discovered a new variant of Industroyer, an infamous piece of malware that was used by the Sandworm APT group in 2016 to cut power in Ukraine. CERT-UA, the […]

Read More

Daily NCSC-FI news followup 2021-09-09

GitHub finds 7 code execution vulnerabilities in ‘tar’ and npm CLI www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/ GitHub security team has identified several high-severity vulnerabilities in npm packages, “tar” and “@npmcli/arborist,” used by npm CLI. Zoho patches actively exploited critical ADSelfService Plus bug www.bleepingcomputer.com/news/security/zoho-patches-actively-exploited-critical-adselfservice-plus-bug/ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical […]

Read More