The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose.

This backdoor can be used for espionage and for dropping additional malware.

The main purpose of Grobios malware is to help attacker establish a strong, persistent foothold in a victim’s system, in order to drop additional payloads later.

Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks.

A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s unlikely to be related to nation-state actors. Researchers first found Orangeworm in the form of an interesting binary in 2016, and...

Two members of Avast’s threat intelligence team shared new information about the CCleaner backdoor attack.

Google’s Project Zero released a proof-of-concept attack against a Wi-Fi firmware vulnerability in Broadcom chips that backdoors the iPhone 7. The flaw was patched in iOS 11.

D-Link router model 850L has 10 vulnerabilities that could allow a hacker to gain remote access and control of device, according to researcher.

Trivially exploitable vulnerabilities in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service have been discovered.

Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.