Hackers skim sensitive information from e-commerce websites by deploying malware dubbed linux_avp, which is written in Golang. Analysis of linux_avp suggests that it serves as a backdoor, waiting for commands from an Alibaba-hosted server, 184.108.40.206.
IPsec Helper is a backdoor implant used by the Agrius APT. Agrius is attributed to Iran and allegedly targets Israeli systems. IPsec Helper is written in .NET and provides many services to its owner.
Linux, which was assumed to be "safe" from malware, is getting attention from attackers. RedXOR is a Linux malware allegedly attributed to Chinese hackers.
Kobalos is a new malware that targets Linux, FreeBSD and Solaris high-performance systems. Its targets are carefully selected.
FireEye and other users of SolarWinds Orion IT monitoring and management software were compromised in the SolarWinds supply chain attack. The threat actor behind this attack is identified as UNC2452 or Dark Halo.