Category: Viral
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. “Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States,…
Read More
Feb 21, 2024NewsroomMalware / Cyber Espionage The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. “The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that…
Read More
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can’t possibly…
Read More
How To Why and how are we subjected to so much disinformation nowadays, and is there a way to spot the fakes? 20 Feb 2024 • , 6 min. read One of the best things about the internet is that it’s an expansive repository of knowledge – and this wealth of knowledge is almost never…
Read More
Feb 21, 2024NewsroomMalware / Cyber Threat Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and…
Read More
Feb 21, 2024NewsroomPhishing Attack / Information Warfare Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and…
Read More
Advisory ID: VMSA-2024-0004 CVSSv3 Range: 6.7 Issue Date: 2024-02-20 Updated On: 2024-02-20 (Initial Advisory) CVE(s): CVE-2024-22235 Synopsis: VMware Aria Operations updates address local privilege escalation vulnerability. (CVE-2024-22235) Source link ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde…
Read MoreAdvisory ID: VMSA-2024-0003 CVSSv3 Range: 9.6 – 7.8 Issue Date: 2024-02-20 Updated On: 2024-02-20 (Initial Advisory) CVE(s): CVE-2024-22245, CVE-2024-22250 Synopsis: Addressing Arbitrary Authentication Relay and Session Hijack Vulnerabilities in Deprecated VMware Enhanced Authentication Plug-in (EAP) (CVE-2024-22245, CVE-2024-22250) Source link ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde ddde…
Read More
Feb 20, 2024NewsroomMalware / Supply Chain Security Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttper, were each downloaded 537 and 166 times, respectively, before…
Read More
Feb 20, 2024NewsroomVulnerability / Network Security ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below – Authentication bypass using an alternate path or…
Read More