VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution. The most severe of the flaws is CVE-2023-34039 (CVSS score: 9.8), which relates to a case of authentication bypass arising as a result of a lack of […]
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware’s infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed that 25% of its C2 servers are […]
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. “Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations,” Trend Micro researchers said in an analysis published last week. “In this case, the distribution involved […]
VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution. […]
The most widely used web browser in the world, Google Chrome, has been found to have a critical zero-day vulnerability that has been actively exploited in the wild. Confirming the severity of the danger, Google rapidly sent fixes to desktop versions of the Chrome browser on Tuesday in order to close the security vulnerability discovered […]
A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing lures to deploy a variety of malicious tools on infected systems. The […]
Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. “Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet,” Guy Rosen, chief […]
On Thursday, the firm issued urgent fixes to resolve serious security flaws in the VMware Aria Operations for Logs product line (which was originally known as vRealize Log Insight). Additionally, the business issued a warning about the potential for pre-authentication remote root attacks.VMware has issued a critical-level warning that details two different vulnerabilities in the […]
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today. The findings are crucial, not least because it […]
A joint international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and 208 property searches in 13 […]
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang’s geopolitical interests since 2018. Google-owned Mandiant, which is tracking the activity cluster under the moniker APT43, said the group’s motives are both espionage- and financially-motivated, leveraging techniques like credential harvesting and […]
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. “The initial attack phase involves infiltrating Internet-facing Microsoft Exchange […]
A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022. Google-owned Mandiant said the threat cluster shares “multiple overlaps” with a long-running operation dubbed “Dream Job” that employs job recruitment lures in […]
The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. “RIG EK is a financially-motivated program that has been active since 2014,” Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News. “Although it has yet to substantially change its exploits […]
State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory. The attacks, which demand cryptocurrency ransoms in exchange for recovering access to encrypted files, are designed to support North Korea’s national-level priorities and […]
phpMyAdmin is a web-based application that is both open-source and free, and it was developed for the purpose of administering MySQL and MariaDB databases. phpMyAdmin is one of the most popular MySQL database management tools, with more than 200,000 downloads occurring each and every month. It has been discovered that phpMyAdmin has a moderate security […]
The CMMC is owned by Mitsubishi Materials Corporation. It generates an average of 100 million pounds of copper per year and has an anticipated mineral reserve capacity for another 32 years. The Canadian Copper Mountain Mining Corporation (CMMC), which is located in British Columbia, recently made an announcement stating that it was the subject of a […]
Nio Inc., which is located in China, said on Tuesday that hackers had broken into its computer systems and acquired data on users and car sales. This is the most recent instance of a hacking attack to strike the global automotive sector. According to reports from the media, the cybercriminals had written an email to […]
Fire Rescue Victoria’s (FRV) emails, phones, and emergency dispatch systems that automate firefighters’ tasks, such as opening station doors as soon as firefighters get an emergency call, were all affected by a hack, which resulted in “a broad IT outage.” The Australian government and private companies are facing a significant challenge in the form of […]
The operators of the Ducktail information stealer have demonstrated a “relentless willingness to persist” and continued to update their malware as part of an ongoing financially driven campaign. “The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim’s Facebook account,” WithSecure researcher Mohammad Kazem […]