Tag: Attackers


Cyber-crime, Malware

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

February 23, 2024

Via: DataBreach Today

Expect attackers to continue refining their tactics for maximizing profits via a grab bag of the same strategies, including forcibly encrypting systems and charging for a decryptor, stealing data and threatening to dump it, creating scary public personae, or a […]


Email security, Security

Email forwarding flaws enable attackers to impersonate high-profile domains

September 11, 2023

Via: Help Net Security

Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego. The issues […]


Hacker, Threats & Malware, Vulnerabilities

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

June 5, 2023

Via: Help Net Security

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Based on information shared by Mandiant, Rapid7 and other security researchers, the attackers seem to have opportunistically targeted as many […]


Application security, Security

Attackers exploit APIs faster than ever before

March 8, 2023

Via: Help Net Security

After combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm. Researchers came […]


Threats & Malware, Virus & Malware, Vulnerabilities

Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

February 6, 2023

Via: Help Net Security

Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows them to run exploit code remotely, without prior authentication. Patches for CVE-2021-21974, a vulnerability in ESXi’s OpenSLP service, […]


Cyber warfare, Cyber-crime

Sandworm APT group hit Ukrainian news agency with five data wipers

January 30, 2023

Via: Security Affairs

On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”. The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, 2023, found five […]


Cyber-crime, Malware

How attackers might use GitHub Codespaces to hide malware delivery

January 17, 2023

Via: CSO Online

Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality […]


Threats & Malware, Vulnerabilities

FortiOS flaw was exploited to compromise governmental targets (CVE-2022-42475)

January 13, 2023

Via: Help Net Security

A critical vulnerability in FortiOS SSL-VPN (CVE-2022-42475) that Fortinet has issued patches for in November 2022 has been exploited by attackers to compromise governmental or government-related targets, the company has shared. Fortinet says the attackers have advanced capabilities: they were […]


Cloud security, Cyber-crime, Malware, Security

Attackers abuse business-critical cloud apps to deliver malware

January 11, 2023

Via: Help Net Security

Over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, and 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive, according to Netskope. Cloud applications are widely used by […]


Hacker, Threats & Malware

Google AdWords is being hijacked by scammers

December 29, 2022

Via: TechRadar

Scammers are abusing Google AdWords, the search engine giant’s advertising platform, to spread malware to people looking for legitimate and popular software. Google’s safety measures are usually robust, but experts found that they managed to employ a workaround. The campaign […]


Hacker, Threats & Malware

Why Attackers Target GitHub, and How You Can Secure It

December 27, 2022

Via: Dark Reading

Last week Okta announced a security breach that involved an attacker gaining access to its source code hosted in GitHub. That’s just the latest example in a long string of attacks gaining access to company source code in GitHub. Dropbox, […]


Hacker, Threats & Malware

Analysis Shows Attackers Favor PowerShell, File Obfuscation

December 14, 2022

Via: Dark Reading

An analysis of threats encountered by four organizations has identified the most common techniques used by attackers to compromise systems, infiltrate networks, and steal data, according to data analysts at Splunk, which published details of the research on Dec. 14. […]


Threats & Malware, Vulnerabilities

Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)

December 13, 2022

Via: Help Net Security

A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet is aware of an instance where this vulnerability was exploited in the wild,” the company said in an advisory […]


Threats & Malware, Vulnerabilities

Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

September 22, 2022

Via: Help Net Security

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in closed-source projects. The vulnerability exists in the Python tarfile module which is a default module in any […]


Threats & Malware, Vulnerabilities

Most common SAP vulnerabilities attackers try to exploit

September 20, 2022

Via: CSO Online

Unpatched vulnerabilities, common misconfigurations and hidden flaws in custom code continue to make enterprise SAP applications a target-rich environment for attackers at a time when threats like ransomware and credential theft have emerged as major concerns for organizations. A […]


Threats & Malware, Virus & Malware

BrandPost: How to Stop Ransomware

September 13, 2022

Via: CSO Online

Security Service Edge (SSE) is a relatively new category. Depending on how you look at it, it’s either a consolidation of three existing security categories — Secure Web Gateway (SWG), Zero Trust Network Architecture (ZTNA), and Cloud Access Security Broker […]


Threats & Malware, Vulnerabilities

Attackers Can Compromise Most Cloud Data in Just 3 Steps

September 13, 2022

Via: Dark Reading

Companies and their cloud providers often leave vulnerabilities open in their system and services, gifting attackers with an easy path to gain access to critical data. According to an Orca Security analysis of data collected from major cloud services and released on […]


Threats & Malware, Vulnerabilities

High-risk ConnectWise Automate vulnerability fixed, admins urged to patch ASAP

September 9, 2022

Via: Help Net Security

ConnectWise has fixed a vulnerability in ConnectWise Automate, a popular remote monitoring and management tool, which could allow attackers to compromise confidential data or other processing resources. The severity of the vulnerability is merely “important”, as its exploitation requires additional […]


Threats & Malware, Vulnerabilities

Mirai Variant MooBot Botnet Exploiting D-Link Router Vulnerabilities

September 7, 2022

Via: The Hacker News

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits. “If the devices are compromised, they will be fully controlled by attackers, who could […]


Data loss, Threats & Malware

Samsung US Says Customer Data Compromised in July Data Breach

September 6, 2022

Via: Security Week

As part of the incident, which was identified roughly a month ago, an unauthorized third party gained access to some of Samsung’s US systems and exfiltrated information stored on them. Although it had determined that the personal information of some […]