This exploit code allows a low-privileged user to get full admin privileges on vulnerable Cisco Secure Manager Appliance and Cisco Email Security Appliance

Two vulnerabilities in Cisco’s product line, including high-severity flaws in the Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management products, have been patched, according to Cisco. A SQL Injection vulnerability known as CVE-2022-20867 (CVSS score: 4.7) affects Cisco ESA and Cisco Secure Email and Web […]

3 vulnerabilities in Zoom Client and Zoom Rooms allow a threat actor to become admin of the machine

According to the most recent research, three recently found security flaws in Zoom can grant an attacker access to root or SYSTEM users and the ability to execute malicious programs. Two of them, CVE-2022-28768 and CVE-2022-36924, have been identified as high-severity local privilege escalation vulnerabilities, which might eventually result in seizing control of the […]

U.S. Federal Network Hacked – Iranian APT Hackers Compromised Domain Controller

Recently, the FBI and CISA published a joint advisory in which they disclosed that an Iranian APT group compromised the domain controller of a Federal Civilian Executive Branch (FCEB) organization's network by exploiting the Log4Shell RCE flaw (CVE-2021-44228) to deploy XMRig crypto-mining malware and a credential harvester. An Iranian APT hacker group bypassed an unpatched VMware Horizon server which […]

LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities

The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. “The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities,” Cisco Talos researcher Chris Neal said in a […]

Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide

The threat actors behind the Hive ransomware-as-a-service (RaaS) scheme have launched attacks against over 1,300 companies across the world, netting the gang $100 million in illicit payments as of November 2022. “Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information technology, and — especially […]

High-Severity RCE Bug in F5 Products Let Attackers Hack the Complete Systems

Experts from Rapid7 observed a customized CentOS installation operating on F5 BIG-IP and BIG-IQ devices found to have various vulnerabilities.  While the other flaws are security bypass methods that F5 does not consider vulnerabilities, two of the vulnerabilities have been categorized as high-severity remote code execution vulnerabilities and given CVE IDs. Vulnerabilities Discovered The first […]

FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva

A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims’ bank accounts using malware called Zeus. Vyacheslav Igorevich Penchukov, who went by online pseudonyms “tank” and “father,” is alleged to […]

Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit

Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), come in response to incident response efforts undertaken by the authority from mid-June through mid-July […]

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the U.S. “Dtrack allows criminals to upload, download, start or delete files on the victim host,” Kaspersky researchers […]

GTA 5 Grand Theft Auto 5 Source Code published on GitHub

Yesterday evening, a number of Tweets with the “Grand Theft Auto V” source code appeared on social media. The source code was published on Twitter and Facebook as well as uploaded to a GitHub page. It appears that a portion of Grand Theft Auto 5’s source code has been posted to GitHub without authorization. The source code has […]

6 factors to consider for prioritizing remediation of vulnerabilities in a network using SSVC strategy

Given that 2021 set a record for the number of vulnerabilities disclosed and that threat actors improved their capacity to weaponize vulnerabilities, prompt and intelligent prioritization and repair of vulnerabilities should be a priority for all businesses. Despite the fact that the US Cybersecurity and Infrastructure Security Agency (CISA) frequently publishes lists of the most […]

KmsdBot – A Malware Written in Golang Infects Via SSH To Perform DDoS Attack

Recently, a new piece of evasive malware has been discovered that is able to gain entry into enterprise systems in order to mine cryptocurrency by exploiting a key internet-facing protocol. Researchers have discovered that the malware is capable of launching DDoS attacks, gaining a foothold on corporate networks, and launching attacks. To maintain Akamai’s long-term […]

PCspooF: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft

Credit: Marina Minkin A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that’s used in safety-critical infrastructure, potentially causing the failure of systems powering spacecraft and aircraft. Dubbed PCspooF by a group of academics and researchers from the University of Michigan, the University of Pennsylvania, and the […]

Hackers Hiding Malware Behind The PNG Images Using Steganography 

The Worok threat infects victims’ computers with information-stealing malware by concealing malware within PNG images with the help of the Steganography technique, which makes it very difficult to detect by malware scanners. The finding has substantiated one of the most crucial links in the chain of infection of the threat actor as claimed by the […]

Beware! Massive YouTube Campaign Aimed to Steal Login Credentials

There was an extensive phishing campaign that took advantage of YouTube as a vehicle for promoting the download and installation of cracked software and free games. In this campaign, attackers are abusing video tutorials intended to trick users into believing that the link provided in the video description is a link that […]

Swimlane introduces an OT security automation ecosystem

The launch of a security automation solution ecosystem for operational technology (OT) environments was announced on Monday by Swimlane, a provider of security orchestration, automation, and response (SOAR). For this OT security automation ecosystem, the business has partnered with a number of organizations, including the industrial cybersecurity firm Nozomi, the event monitoring and risk detection […]

KmsdBot, new botnet infects systems via an SSH & targets the gaming industry, technology industry, and luxury car manufacturers

A brand-new piece of malware dubbed KmsdBot infected Akamai Security Research’s honeypot. The botnet infects systems over SSH connections that use weak login credentials. The gaming, IT, and luxury vehicle industries are just a few of the industries that the malware targets. The Internet is covered with a vast network of honeypots operated by the […]

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launching DDoS Attacks

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies ranging from gaming […]