#backdoor

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st and

WordPress Yith WooCommerce Gift Cards Premium plugin versions 3.19.0 and below suffer from a remote shell upload vulnerability.

A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK files are used to initiate code execution which eventually downloads and runs a

An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct ransomware DarkSide, REvil, and LockBit families. The highly active threat group, also known as Carbanak,

Multiple high-severity vulnerabilities have been disclosed in Passwordstate password management solution that could be exploited by an unauthenticated remote adversary to obtain a user's plaintext passwords. "Successful exploitation allows an unauthenticated attacker to exfiltrate passwords from an instance, overwrite all stored passwords within the database, or elevate their privileges within

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.

Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system.

By Deeba Ahmed Researchers believe that GodFather could be a successor of another banking trojan called Anubis, which had its source code leaked in January 2019 on an underground hacking forum. This is a post from HackRead.com Read the original post: “GodFather” Hits Banks, Crypto Wallets Apps as Android Trojan Emerges

An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning across 16 countries. This includes 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms serving users in the U.S., Turkey, Spain, Italy, Canada, and Canada, among others, Singapore-headquartered Group-IB said in a report shared with The Hacker

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and