Fancy Product Designer, a WordPress plugin installed on over 17,000 sites, has been discovered to contain a critical file upload vulnerability that’s being actively exploited in the wild to upload malware onto sites that have the plugin installed. Wordfence’s threat intelligence team, which discovered the flaw, said it reported the issue to the plugin’s developer […]
Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. “SVR cyber operators appear to have reacted […] by changing their TTPs in an […]
Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. “Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate the network for malware deployment, credential harvesting and more,” Boston-based cybersecurity firm Cybereason said in an analysis […]
The Federal Bureau of Investigation (FBI) issued a report warning that a group of hackers sponsored by national states is operating a massive exploit campaign of three security flaws in FortiOS, the operating system of popular security firm Fortinet. This report, issued in conjunction with the Cybersecurity and Infrastructure Security Agency (CISA), notes that attackers […]
The Microsoft Security Response Center yesterday released several security updates for Microsoft Exchange Server. These updates were targeted at addressing vulnerabilities that have been used in a few focused and targeted attacks. Nature of vulnerabilities The vulnerabilities have been deemed to be very critical in nature and Microsoft urges and advises its customers to update […]
Newly discovered Android vulnerability dubbed “StrandHogg” being exploited in wide by unknown hackers using weaponized malware apps that posed as a legitimate one to perform various malicious activities. The vulnerability allows attackers to infect the Android phone without root access, and it affects all the android version including Android 10. Researchers confirmed that 36 malicious […]
A new wave of Roboto Botnet activities being discovered that attack the Linux Webmin servers by exploiting the RCE vulnerability using vulnerability scanning and P2P control module. Roboto Botnet initially detected via 360Netlab Unknown Threat Detection System as an ELF( Executable Linkable Format) file in august, later, honeypot detects another suspicious ELF sample which acts […]
Researchers detect a wave of malware campaigns from a new hacking group named TA2101 that targeting various organizations in German and Italy to deploy the backdoor malware in their network. Threat actors from this new hacking group using legitimate and licensed penetration testing tools and backdoor framework such as Cobalt Strike and Metasploit to perform […]
UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other researchers can carry out the work and process […]
Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for a highly-critical remote code execution flaw, dubbed BlueKeep, in its Windows […]
Researchers discovered an ongoing buggy malware campaign that attempts to exploit the newly discovered vulnerabilities resides in the WordPress theme and plugin. Cybercriminals are always curious about developing the exploits soon after the new vulnerabilities found in wide particularly sites that running under WordPress. Attackers are cleverly changing the new domains every week by slightly […]
Ethical hacking experts report that, in recent days, threat actors have been scanning the Internet looking for non updated SSL VPNs developed by the company Fortinet to exploit a critical vulnerability. The main objective of the operators of this campaign is the theft of login credentials and other confidential details. If successful, threat actors could […]
Thefatrat a massive exploiting tool bypass most AV software An Easy tool to Generate Backdoor for bypass AV and Easy Tool For Post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created […]
Researchers discovered a new Android malware called “Agent Smith” that infects nearly 25 million mobile users around the globe without letting users know about the malicious activities. Agent Smith malware activities have a similar appearance of previously reported malware campaigns such as Gooligan, HummingBad, and CopyCat. Malware posed as a legitimate Google app and takes […]
USCYBERCOM published an alert that hackers were exploiting the CVE-2017-11774 Microsoft Outlook Security Vulnerability to deliver malware using an HTTPS domain. Microsoft already patched the vulnerability in 2017 and the USCYBERCOM alert refers to the ongoing campaign that exploiting CVE-2017-11774. Users are advised to ensure that they have patched the vulnerability. — USCYBERCOM Malware Alert […]
BoomER is an open source framework, developed in Python. The tool is focused on post-exploitation, with a main objective, the detection and exploitation of local vulnerabilities, as well as the collection of information from a system, such as the installed applications they have. The framework allows the extension by third parties, through the development of […]
A web application security testing revealed that threat actors are actively exploiting a remote code execution vulnerability in some versions of SharePoint Server to install the hacking tool known as The China Copper. Although the vulnerability had already been patched, not all SharePoint deployments had been updated. The vulnerability, tracked as CVE-2019-0604, affects all versions […]
Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware. As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a never-before-seen ransomware […]
Hackers exploiting the recently disclosed Oracle WebLogic Server remote code execution vulnerability to install a new variant of ransomware called “Sodinokibi.” The vulnerability allows anyone with HTTP access to the server can carry out the attack without authentication. The vulnerability affects Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, Oracle fixed the issue on April 26, and […]
The Banking and Financial sectors were hit with a constant stream of cyber attacks when compared to any of the other industries. 25.7 percent of all malware attacks last year focused on Banks and Financial Services Organizations. According to Intsights Q1 2019 report, the credentials leak doubled to any of the quarters of 2018. The […]
Here comes news about another WordPress website security breach carried out by exploiting plugin vulnerabilities. Reports say that hackers have been exploiting vulnerabilities in a popular social media sharing plugin on WordPress. The Hacker News reports, “Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing […]