National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

The group has added a management console and a USB worming function to its main malware, Crimson RAT.

A hybrid DDoS botnet known for turning vulnerable Windows devices into Monero cryptomining bots is now also scanning for and infecting Linux systems.

Microsoft has issued an emergency out of band Windows security update designed to address privilege escalation bugs found to impact the Windows Remote Access service.

Emotet is a malware spread via email in the name of Finnish organisations. The objective of the malware attack is to steal information from organisations, infiltrate a targeted network and in some cases to launch a ransomware attack. The attack campaign has been active since August 17th 2020.

A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world, since at least January 2020. Written in Golang, FritzFrog is both a worm and a botnet that targets government, education, and finance sectors.

A vulnerability affecting components used in millions of critical connected devices in the automotive, energy, telecom, and medical sector could let hackers hijack the device or access the internal network.

The IcedID banking Trojan has recently been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and Dynamic Link Library file that acts as a second-stage downloader, according to Juniper Threat Labs.

Citrix released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees’ mobile devices remotely.