The botnet malware tracked as Ebury has steadily expanded over the past decade, having compromised over 400,000 hosts since 2009, with about 100,000 still-infected systems identified by the end of 2023, according to SecurityWeek.
Two new backdoors discovered by ESET security researchers and given the names LunarWeb and LunarMail targeted an unnamed European Ministry of Foreign Affairs and three of its Middle Eastern diplomatic missions, The Hacker News reports.
In this month’s release, Redmond patched 60 CVEs, including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
The New Jersey Cybersecurity and Communications Integration Cell has warned that the Phorpiex botnet has been used since April to send millions of phishing emails as part of a large-scale LockBit Black ransomware campaign, reports BleepingComputer.
Kaspersky's APT trends report for the first quarter highlighted the emergence of a new threat from the North Korean threat group Kimsuky: a sophisticated new malware named Durian, which the group has used in targeted cyber attacks against South Korean cryptocurrency firms, reports The Hacker News.
Russian state-sponsored threat operation APT28 has launched a far-reaching malware campaign against government organizations across Poland, according to The Hacker News.