Tarrask is a new malware identified by Microsoft that is used by the Chinese-sponsored hacker group Hafnium to maintain persistence on compromised Windows PCs by generating and hiding scheduled activities. The Hafnium group has been spotted expanding on selected areas such as telecommunications, internet service providers, and data services over the time. Threat actors reportedly seen using unpatched zero-day vulnerabilities as initial vectors, and then use Impacket tooling for later movement and execution, as well as the discovery of defense-evading Tarrask malware that creates hidden scheduled tasks, and then take action to remove the task aspects, so that the scheduled tasks cannot be identified by conventional methods. Secret scheduled tasks employed in this campaign to re-establish outbound connections to command-and-control (C2) infrastructure, allowing them to keep access to vital assets exposed to the internet even after restarting.
everal popular Android applications available on the Google Play Store are vulnerable to a path traversal-affiliated vulnerability known as the Dirty Stream attack. This vulnerabil...
The US confirms Russian hackers have breached water systems. They warn North American and European operators about ongoing attempts by pro-Russia activists to infiltrate their tech...
The Simone Veil hospital in Cannes, France, has become the latest target of cybercriminals, with the LockBit ransomware gang claiming to have accessed and published confidential da...