Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

The 3 most common post-compromise tactics on network infrastructure

We discuss three of the most common post-compromise tactics that Talos has observed in our threat telemetry and Cisco Talos Incident Response (Talos IR) engagements. These include modifying the device’s firmware, uploading customized/weaponized firmware, and bypassing security measures.

TALOS
Open in Source
#vulnerability#web#ios#mac#windows#microsoft#linux#cisco#intel#backdoor#botnet#auth
Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks

The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. The findings come from ESET, which

February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW

Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239140 Let’s start with my open source projects. Vulremi A simple vulnerability remediation utility, Vulremi, now has a logo and […]

Why Apple added protection against quantum computing when quantum computing doesn’t even exist yet

Apple’s newest encryption technology, called PQ3, now secures iMessages with end-to-end encryption that is quantum-resistant.

Backdoor.Win32.Agent.amt MVID-2024-0673 Authentication Bypass / Code Execution

Backdoor.Win32.Agent.amt malware suffers from bypass and code execution vulnerabilities.

Backdoor.Win32.Jeemp.c MVID-2024-0672 Hardcoded Credential

Backdoor.Win32.Jeemp.c malware suffers from a hardcoded credential vulnerability.

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting

FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation

By Deeba Ahmed Russian hackers, part of Russia’s Main Intelligence Directorate of the General Staff, are using compromised Ubiquiti EdgeRouters to… This is a post from HackRead.com Read the original post: FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation

New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets

By Waqas macOS users watch out for the new variant aiming at your crypto funds! This is a post from HackRead.com Read the original post: New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets