This is the GreyKeep Security Malware Roundup for September 18, 2023. Here’s a summary of what’s in this week’s edition:
Targets
- Amazon Web Services (Amplify, Fargate, SageMaker)
- Microsoft Windows
- Apple macOS
- Facebook Messenger
- Google Chrome
- Adobe Acrobat
- GitHub
- Free Download Manager
- WebDAV
Organizations
- MGM Resorts International
- Defense
- Satellite
- Pharmaceutical
- Asian power grid
- Android banking apps
Threat Actors
- Earth Lusca (China)
- ALPHV
- Cuba (ransomware group)
- Peach Sandstorm (Iran)
- Winnti Group/Redfly (China)
- Lazarus (N. Korea)
Malware / Ransomware
- Bumblebee
- SprySOCKS
- AMBERSQUID
- ShadowPad
- MetaStealer
- 3AM Ransomware
- Hook
- NodeStealer
- NLBrute
- Agent Tesla
- OriginBotnet
- RedLine Clipper
Malware in the News
Amazon Web Services
Microsoft
Apple
Android
Adobe
GitHub
WebDAV
Other Malware News
- Microsoft: ‘Peach Sandstorm’ Cyberattacks Target Defense, Pharmaceutical Orgs
- Hackers behind MGM cyberattack thrash the casino’s incident response
- Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
- Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor
- New SprySOCKS Linux malware used in cyber espionage attacks
- China’s Winnti APT Compromises National Grid in Asia for 6 Months
- North Korea’s Lazarus APT stole almost $240 million in crypto assets since June
- Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
- Dariy Pankov, the NLBrute malware author, pleads guilty
- Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family