New Banking Trojan Revive Targets BBVA Customers
New Banking Trojan Revive Targets BBVA Customers The newly emerged Android banking trojan Revive mimics BBVA bank’s two-factor authentication app. Although still in early development, the m...
Malicious Python Packages Steal AWS Keys
Malicious Python Packages Steal AWS Keys Cybersecurity researchers have discovered that some Python packages available in the PyPI repositories engage in malicious activity. Malicious packets send som...
Threat Actors Target VMware Servers by Exploiting Log4Shell Vulnerabil...
Threat Actors Target VMware Servers by Exploiting Log4Shell Vulnerability The Log4Shell RCE vulnerability with code CVE-2021-44228 continues to be exploited by state-backed threat actors. Attackers ut...
NTLM Relay Attack Leads to Windows Domain Takeover
NTLM Relay Attack Leads to Windows Domain Takeover A new DFSCoerce NTLM Relay attack has been discovered on Windows. Threat actors can take over Microsoft Active Directory Certificate Services (AD CS)...
SOCRadar Exhibiting Extended Threat Intelligence Solution at InfoSecur...
SOCRadar Exhibiting Extended Threat Intelligence Solution at InfoSecurity Europe 2022 SOCRadar will be at InfoSecurity Europe, held at London ExCel this week from 21 to 23 June. We are very excited to...
BRATA Malware Becomes an Advanced Threat
BRATA Malware Becomes an Advanced Threat Originally a banking trojan, BRATA acquires new capabilities and becomes a more advanced threat. Malware can now be much more effective at stealing user i...
DriftingCloud APT Group Exploits Zero-Day In Sophos Firewall
DriftingCloud APT Group Exploits Zero-Day In Sophos Firewall Cybersecurity researchers have revealed that Sophos Firewall has been actively exploited by DriftingCloud APT group since early March. Appa...
Cisco Fixed Critical Authentication Bypass Vulnerability Affecting Som...
Cisco Fixed Critical Authentication Bypass Vulnerability Affecting Some Products Cisco fixed a vulnerability discovered in the external authentication functionality of Secure Email and Web Manager. Th...
Microsoft June 2022 Patch Tuesday Fixes 55 Vulnerabilities Including F...
Microsoft June 2022 Patch Tuesday Fixes 55 Vulnerabilities Including Follina Microsoft has released the June 2022 Patch Tuesday. The company announced that it had patched 55 vulnerabilities, including...
Almost Impossible to Detect Symbiote Linux Malware
Almost Impossible to Detect Symbiote Linux Malware The newly discovered Linux malware Symbiote can easily infect and hide in almost any process on compromised systems. The malware steals account ...
Ransomware Groups Target VMware and QNAP Products
Ransomware Groups Target VMware and QNAP Products Linux-based Black Basta ransomware targets VMware ESXi virtual machines, while DeadBolt ransomware targets QNAP NAS (network-attached storage) product...
Mandiant Leak Alleged: A PR Trial?
Mandiant Leak Alleged: A PR Trial? LockBit ransomware gang claimed that they had stolen Mandiant’s data. The gang posted a countdown on their data leak site earlier today. They c...
What Do You Need To Know About Atlassian Confluence RCE Vulnerability?...
What Do You Need To Know About Atlassian Confluence RCE Vulnerability? After it was disclosed that the RCE vulnerability with the code CVE-2022-26134, which affects Atlassian Confluence and Data Cent...
On-Device Fraud Trend in Mobile Malware Campaigns
On-Device Fraud Trend in Mobile Malware Campaigns According to the 2022 mobile threat landscape analysis published byThreatFabric, ODF (on-device fraud) banking trojans targeting A...
Workarounds for Microsoft Office Zero-Day RCE Vulnerability "Follina" ...
Workarounds for Microsoft Office Zero-Day RCE Vulnerability “Follina” has Released The Follina zero-day vulnerability in Microsoft Office allows threat actors to perform remote code e...
GitHub Announces 100,000 npm Users' Credentials Stolen
GitHub Announces 100,000 npm Users’ Credentials Stolen GitHub has announced that 100,000 npm user information was stolen through OAuth tokens linked to Heroku and Travis CI. It was previously&nb...
PoC Released for Authentication Bypass Vulnerability in VMware
PoC Released for Authentication Bypass Vulnerability in VMware Vulnerability-related PoC has been published that allows threat actors to bypass authentication across multiple VMware products. VMw...
What Do You Need To Know and Do About Compromised CTX Module in Python...
What Do You Need To Know and Do About Compromised CTX Module in Python Package Repositories? According to a post on Reddit, evidence was presented that the CTX module in the Python package repositorie...
Turla Reconnaissance Campaign Targets Eastern Europe
Turla Reconnaissance Campaign Targets Eastern Europe The reconnaissance and espionage campaign of the Russia-linked Turla hacker group against the Austrian Economic Chamber, Baltic Defense College, an...
Conti Ransomware Ended: They Operate With Other Groups Now
Conti Ransomware Ended: They Operate With Other Groups Now The Conti ransomware gang had taken its infrastructure offline and ceased operations. According to the news of Advanced Intel’s Yelisey...