Author: nlqip
Oct 22, 2024Ravie LakshmananVulnerability / Supply Chain Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol. The packages attempt to “gain SSH access to the victim’s machine by writing…
Read MoreOct 22, 2024Ravie LakshmananMalware / Threat Intelligence Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised…
Read MoreClickjacking (Clickfix), also known as a “UI redress attack,” is a malicious technique where an attacker tricks a user into clicking on something different from what they perceive they are clicking on. This is often achieved by layering invisible or disguised elements over legitimate website content. For example, an attacker might place an invisible button…
Read MoreRecently, we published an intel about data leakage from some U.S. local authorities. It was about two different local authorities in U.S. and was showing us how threat actors share information between them. To put it very briefly, a threat actor claimed they have data of these authorities and they captured these data with using…
Read MoreOct 22, 2024Ravie LakshmananVulnerability / Enterprise Security VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. “A malicious actor…
Read MoreOct 22, 2024Ravie LakshmananVulnerability / Cyber Threat The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug…
Read MoreSolution providers applauded Sophos’ planned acquisition of Secureworks, an XDR specialist with 1,500 employees. Solution providers applauded the announcement Monday that cybersecurity giant Sophos plans to acquire Secureworks, a specialist in extended detection and response (XDR), for $859 million in a major industry consolidation deal. Calling the acquisition deal a “very positive” move for Sophos,…
Read MoreThreat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union. An attack was discovered by Russian cybersecurity company Positive Technologies in September, but the researchers determined that the threat actor activity had started in…
Read MoreCyber-resilience has become more crucial than ever, as demonstrated by the recent CrowdStrike incident that led to widespread IT outages. This event, deemed “the largest IT outage in history,” disrupted critical services like air traffic control and government departments, showing how even a small percentage of offline devices can cause global chaos. Microsoft estimated that…
Read MoreA threat actor claimed they have and are selling data of two different U.S. local authorities in a dark web forum. The first one is U.S. local authority in Durango (durangoco.gov). The threat actor has claimed that another threat actor breached via a vulnerability in the website of the local authority three months ago, and…
Read MoreRecent Posts
- Hackers abuse Avast anti-rootkit driver to disable defenses
- Microsoft testing Windows 11 support for third-party passkeys
- Windows 11 24H2 update blocked on PCs with Assassin’s Creed, Star Wars Outlaws
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day