FlagThis

The cybersecurity landscape is facing a surge in sophisticated threats, with a significant rise in malware activity. Researchers have recently identified NonEuclid RAT, a new malware strain that allows attackers to gain unauthorized remote access and control over compromised systems. This stealthy malware, developed in C# for .NET Framework 4.8, employs advanced techniques like ransomware encryption, privilege escalation, and evasion tactics to avoid detection. It is actively being promoted across various hacking forums and social media platforms. Additionally, immutable process binaries on Linux systems are increasingly being identified as a vector for malware attacks. IBM has issued a security advisory (AV25-003) following vulnerability discoveries in several products. Specifically, critical updates have been released for API Big SQL on IBM Cloud Pak for Data, IBM Maximo Application Suite - Monitor Component, and IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data. The Canadian Centre for Cyber Security has urged users and administrators to review the security bulletins and apply the necessary updates to mitigate these risks. These advisories address multiple versions and refreshes of the products, highlighting the broad scope of the vulnerabilities.

ImgSrc: ciso2ciso.com

References:

• ciso2ciso.com - NonEuclid RAT Detection: Malware Enables Adversaries to Gain Unauthorized Remote Access and Control Over a Targeted System – Source: socprime.com - 2d
• sandflysecurity.com - Linux Immutable Malware Process Binary Attack - 2d

Classification:

• HashTags: Cybersecurity Malware SecurityResearch
• Target: Cybersecurity Industry
• Feature: Emerging Threats
• Type: Research
• Severity: Medium