This is the GreyKeep Security Malware Roundup for November 13, 2023. Here’s a summary of what’s in this week’s edition:
Targets
| Windows / PowerShell Linux MacOS Android Google Calendar / Cloud | Atlassian Confluence Python / PyPI MOVEit WinRAR |
Organizations
| Boeing Cogdell Memorial Hospital Isreali Tech Sector Indian Government | Ukranian Power Grid Cambodian Government Fashion Industry DP World |
Threat Actors
| BlueNoroff / Lazarus CIOp LockBit Lorenz Imperial Kitten Ryuk Ransomware Group | SideCopy Sandworm Farnetwork Saphire Sleet BulletProofLink Royal |
Malware / Ransomware
| BiBi (data wiper) Effluence (backdoor) SecuriDropper (installer) Jupyter (infostealer) | BlazeStealer GootBot Ducktail |
Malware in the News
Windows
- Israel warns of BiBi wiper attacks targeting Linux and Windows
- New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
- Gootbot: A new post-exploitation implant for lateral movement
- Ducktail Malware Targets the Fashion Industry
Android
Apple
Atlassian
Google Cloud
Python
MOVEit
Banking & Financial
Technology
- LockBit ransomware gang leaked data stolen from Boeing
- Iranian hackers launch malware attacks on Israel’s tech sector
Healthcare
Government & Military
- SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
- Sandworm Cyberattackers Down Ukrainian Power Grid During Missile Strikes
- Chinese APT Infrastructure Mimics Cloud Backup Services
Other Malware News
- US Sanctions Ryuk Ransomware’s Russian Money Launderer
- Ransomware Mastermind Uncovered After Oversharing on Dark Web
- FBI: Royal ransomware asked 350 victims to pay $275 million
- North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals
- Major Phishing-as-a-Service Syndicate ‘BulletProofLink’ Dismantled by Malaysian Authorities
Check out our latest Cybersecurity Daily for more security news, alerts, and products.