Linux, long assumed to be "safe" from malware, is getting attention from attackers. RedXOR is Linux malware allegedly attributed to Chinese hackers.
Kobalos is a new malware that targets Linux, FreeBSD and Solaris high-performance systems. Its targets are carefully selected.
FireEye and other users of SolarWinds Orion IT monitoring and management software were compromised in the SolarWinds supply chain attack. The threat actor behind this attack is identified as UNC2452 or Dark Halo.
PowerPepper is a Windows in-memory PowerShell backdoor that can execute remotely sent shell commands. It is associated with DeathStalker (formerly called Deceptikons), a threat actor known to be active since 2012. The threat actor has consistently used what are called "dead-drop resolvers" (DDRs): obfuscated content hosted on major public web services like YouTube, Twitter or Reddit. Once decoded by the malware, this content reveals a command-and-control (C2) server address.
BazarBackdoor is the latest tool in the TrickBot arsenal. Malware authors continue to use the COVID-19 theme to bait victims with coronavirus-related help or information and lure them into clicking and installing their malicious code.