-
Hacker forums monitored by SOCRadar’s Dark Web Team have revealed several alarming cyber threats this week, including the sale of a 0-day RCE vulnerability for Chrome and Edge. Additionally, the source code for the Aliena botnet, a tool targeting financial systems, is being sold. Moreover, the latest breaches include databases from Sólides, Young Living, and…
-
Bulletproof hosting services, a type of dark internet service provider, offer infrastructure to cybercriminals, facilitating malicious activities like malware distribution, hacking attacks, fraudulent websites, and spam.
-
Cybercriminals are using phish kits developed by authoring group SpartanWarriorz to target over 300 global brands, new research from Fortra has revealed. Attackers using the kits tend to target financial institutions in North America and Europe, retail, delivery services, and social media platforms.
-
Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and destructive potential, as the latest version, 2.9.4.0, introduces a custom DNS tunnel for covert C2 communications, bypassing traditional network security measures.
-
An updated version of Zloader (2.9.4.0) has been discovered, which includes a Domain Name System (DNS) tunnel for command-and-control (C2) connections, an interactive shell for hands-on keyboard action, and additional features that improve the malware’s anti-analysis capabilities.
-
Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data.
-
Following an investigation into how a ransomware gang was cashing out extorted cryptocurrency, British law enforcement on Wednesday announced uncovering a sprawling Russian money laundering system used by transnational drug traffickers, cybercriminals, Moscow elites evading sanctions and even the Kremlin’s espionage operations.
-
Bootkitty has been integrated with a manipulated BMP file exploiting a LogoFAIL-related vulnerability, tracked as CVE-2023-40238, to circumvent defenses provided by Secure Boot, compromise UEFI image parsing routines, and execute malicious bootloaders, according to a separate report from Binarly.
-
Magento, a leading eCommerce platform, has once again become the target of sophisticated cybercriminal tactics. Security Analyst Puja Srivastava, from Sucuri, recently reported on a malicious JavaScript injection that compromises Magento-powered websites. This new malware operates stealthily, targeting checkout pages to exfiltrate sensitive payment information.
-
Oligo’s research team recently unveiled six vulnerabilities in Ollama, a popular open-source framework for running large language models (LLMs) on local and cloud infrastructure. As Ollama’s use in enterprise AI environments has surged, these vulnerabilities highlight significant risks for organizations deploying the tool.
-
Threat actors encompass a range of individuals and groups that pose several cybersecurity risks. Their activities and tactics have evolved immensely over time and are primarily aimed at “espionage,” “disruption,” and “financial gain.”
-
The first day of Pwn2Own Ireland 2024 has concluded with an impressive showcase of cybersecurity prowess, as hackers demonstrated their skills by uncovering 52 zero-day vulnerabilities.
-
A new generation of QR code phishing (quishing) attacks has been uncovered by threat analysts at Barracuda.
-
RPKI is a security framework designed to enhance the integrity of Internet routing by associating specific IP address blocks and ASNs with their legitimate holders.
-
Attackers leverage exposed access keys to run chatbot services at the victim’s expense.
-
The Jenkins project has issued a security advisory, urging users to update their installations immediately due to the discovery of multiple vulnerabilities. These flaws could allow attackers to steal sensitive data, bypass security restrictions, and even gain complete control of Jenkins servers.
-
What happened? The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in…
-
In a recent analysis, security researcher Mikko Kenttälä exposed a critical zero-click vulnerability chain in macOS, potentially affecting millions of users. This exploit, dubbed the “Zero-Click Calendar Invite,” allows attackers to execute malicious code on a victim’s machine remotely, without any user interaction.