A recently detected vulnerability affecting Flux, a popular continuous delivery (CD) tool for Kubernetes, would reportedly allow tenants to sabotage the activities of “neighbors” who use the same infrastructure outside of their own facilities. Flux is an open and extensible CD solution to keep Kubernetes clusters in sync with configuration sources, and is used by […]
Cybercriminals continue to mine for opportunities in the crypto space – here’s what you should know about coin-mining hacks and crypto theft
Hackers are reportedly targeting WordPress sites that use an unknown security version of the Tatsu no-code website builder plugin. As part of a massive attack attacking a vulnerability in the Tatsu Creator plugin, a vast number of WordPress websites could be compromised. The vulnerability, identified as CVE-2021-25094, also known as the CVSS score of 8.1, […]
A cybercriminal group claims to have compromised the systems of a robotics company specializing in surveillance solutions around the world. Identified as CaucasNet, the group shared via Twitter some screenshots of an allegedly compromised web portal, used as a control panel for surveillance robot vehicles at Sheremetyevo International Airport in Russia. These Tral Patrol 4.0 […]
Specialists from the security firm NCC Group developed a tool capable of deploying relay attacks against Bluetooth Low Energy (BLE), which would allow bypassing any existing protection in the target system, authenticating without any problem. This technology is used in all kinds of products, including smartphones, laptops, access control systems, and even in Tesla Model […]
Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama. Fast forward to today, affordable ransomware-as-a-service (RaaS) kits are available on […]
The inner workings of a cybercriminal group known as the Wizard Spider have been exposed, shedding light on its organizational structure and motivations. “Most of Wizard Spider’s efforts go into hacking European and U.S. businesses, with a special cracking tool used by some of their attackers to breach high-value targets,” Swiss cybersecurity company PRODAFT said […]
Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of the utility “sqlps.exe,” the tech giant said in a series of tweets. […]
Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks. The tech giant dubbed the new threat “cryware,” with the attacks resulting in the irreversible theft of virtual currencies by means of fraudulent transfers to an adversary-controlled wallet. “Cryware are information stealers that […]
Several hackers have newly begun exploiting a recently patched critical vulnerability, identified as CVE-2022-30525, which is affecting business firewall and VPN devices from Zyxel. In response to this vulnerability, the cybersecurity experts at Rapid7 have discovered that a number of Zyxel firewalls supporting ZTP like the ATP series, the VPN series, and the USG FLEX […]
A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. “Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its […]
The U.S. Justice Department on Monday accused a 55-year-old cardiologist from Venezuela of being the mastermind behind Thanos ransomware, charging him with the use and sale of the malicious tool and entering into profit sharing arrangements. Moises Luis Zagala Gonzalez, also known by the monikers Nosophoros, Aesculapius, and Nebuchadnezzar, is alleged to have both developed […]
Microsoft is warning of a new variant of the srv botnet that’s exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers. […]
More than 200 Android apps masquerading as fitness, photo editing, and puzzle apps have been observed distributing spyware called Facestealer to siphon user credentials and other valuable information. “Similar to Joker, another piece of mobile malware, Facestealer changes its code frequently, thus spawning many variants,” Trend Micro analysts Cifer Fang, Ford Quin, and Zhengyu Dong […]
Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw […]
In early 2022, Microsoft addressed CVE-2022-22005, a remote code execution (RCE) vulnerability that used website creation features in SharePoint, releasing a security patch. Even though the flaw had already been fixed, a security researcher found a new way to exploit the deserialization bug by uploading malicious files to the server. Many languages use serialization and […]
In a security alert, SonicWall has strongly urged its customers to address some security flaws in its Secure Mobile Access (SMA) Series 1000 products, as their successful exploitation would allow threat actors to fully compromise vulnerable devices. The most severe vulnerability, tracked as CVE-2022-22282, was described as an unauthenticated access control evasion, while two minor […]
A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that’s executed while an iPhone is “off.” The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and […]
An unidentified threat actor has been linked to an actively in-development malware toolkit called the “Eternity Project” that lets professional and amateur cybercriminals buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. What makes this malware-as-a-service (MaaS) stand out is that besides using a Telegram channel to communicate updates about the latest […]
Researchers from SEC Consult Vulnerability Lab reported the detection of a sandbox breakout vulnerability present in some Konica Minolta bizhub multifunctional models. Detected in late 2019, successful exploitation of this flaw would have given attackers full read/write access to the device’s operating system, in addition to root access to stored data. Threat actors could have […]
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below – CVE-2022-22282 (CVSS score: 8.2) – […]