Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Qubitstrike Malware Hits Jupyter Notebooks for Cryptojacking and Cloud Data

By Deeba Ahmed Qubitstrike Malware Uses Discord for C2 Communications in Cryptojacking Campaign Targeting Jupyter Notebooks. This is a post from HackRead.com Read the original post: Qubitstrike Malware Hits Jupyter Notebooks for Cryptojacking and Cloud Data

HackRead
Open in Source
#vulnerability#web#google#amazon#git#intel#backdoor#aws#alibaba#auth#ssh
Critical Citrix Bug Exploited as a Zero-Day, 'Patching Is Not Enough'

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.

What is Cracktivator software?

Learn about Talos' research into cracked versions of the Microsoft Windows operating system and applications. Discover why the use of cracktivator software is a growing trend.

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign

A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. "The payloads for the Qubitstrike campaign are

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. It’s worth pointing out that the shortcoming only affects enterprise networking gear that have

ROMCOMLITE: Stealthier Version of ROMCOM Backdoor Targets Female Politicians

By Deeba Ahmed Watch out, ladies! This is a post from HackRead.com Read the original post: ROMCOMLITE: Stealthier Version of ROMCOM Backdoor Targets Female Politicians

WordPress Royal Elementor 1.3.78 Shell Upload

WordPress Royal Elementor plugin versions 1.3.78 and below suffer from a remote shell upload vulnerability.

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as

ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic

The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach involving Hex IP addresses.