Category: Kamban
Microsoft has released a new Windows 10 22H2 beta (KB5041582) with memory leak and crash fixes for Insiders in the Beta and Release Preview channels. The company says the KB5041582 update fixes an issue causing some apps to stop because of a memory leak in a Bluetooth device and an Input Method Editor (IME) memory…
Read More
A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can weaponize any Microsoft .NET application on Windows. The technique has been around since 2017, and multiple proof-of-concept apps have been released over the years. However, it is typically used in red team engagements and seldomly observed in…
Read More
Image: MidjourneyHalliburton, one of the world’s largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. “On August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems,” the oil…
Read More
Introduction Welcome to the July 2024 installment of the Sensor Intelligence Series, our monthly summary of vulnerability intelligence based on distributed passive sensor data. Last month we observed a massive increase in scanning for CVE-2017-9841 as well as continued increases in scanning for CVE-2023-1389 and scanning for a newly discovered PHP vulnerability – CVE-2024-4577. This…
Read More
A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. Greasy Opal has been active for more nearly two decades and tailors its tools based on customers’ targeting needs.…
Read More
The group behind Doubleface ransomware has recently attacked the website of Donetsk International Airport, demonstrating its capability to execute high-profile cyberattacks. Doubleface ransomware uses the C/C++ programming language. It also employs AES-128 and RSA-4096 encryption algorithms. According to the seller, Doubleface ransomware is undetected by most major antivirus programs like Windows 10/11 Defender, Avast, Kaspersky…
Read More
For the week ending Aug. 23, CRN takes a look at the companies that brought their ‘A’ game to the channel including AMD, ePlus, Grafana Labs, Amazon and Novva Data Centers. The Week Ending Aug. 23 Topping this week’s Came to Win list is chipmaker AMD for a strategic acquisition that will provide a boost…
Read More
The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires on charges of money laundering related to cryptocurrency proceeds belonging to the North Korean Lazarus hackers. The San Isidro Specialized Fiscal Unit in Cybercrime Investigations (UFEIC) collaborated with blockchain analysis firm TRM Labs to identify and locate the individual despite him…
Read More
Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. The security issue is tracked as CVE-2024-28000 and allows escalating privileges without authentication in all versions of the WordPress plugin up to 6.3.0.1. The vulnerability stems from…
Read More
The Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in Google Chrome browser. The credential-harvesting techniques has been observed by the Sophos X-Ops team during incident response engagements and marks an alarming change on the ransomware scene. Attack overview The attack that Sophos researchers analyzed…
Read More