#backdoor

By Deeba Ahmed Cybersecurity researchers at Securelist have discovered a cyberattack against a power-generating firm in South Africa. Reportedly, the firm… This is a post from HackRead.com Read the original post: South African Power Supplier Hit by DroxiDat Malware

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records.

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.

Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine vulnerabilities, from CVE-2023-3259 through CVE-2023-3267, carry

European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available," Europol said in a statement. "The service facilitated the

By Deeba Ahmed MoustachedBouncer is a Belarusian government-backed hacking group that has been active since 2014. This is a post from HackRead.com Read the original post: MoustachedBouncer Hackers Caught Spying on Embassies

A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets," ESET security researcher Matthieu

Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.

CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file.

The Chinese threat actor known as APT31 (aka Bronze Vinewood, Judgement Panda, or Violet Typhoon) has been linked to a set of advanced backdoors that are capable of exfiltrating harvested sensitive information to Dropbox. The malware is part of a broader collection of more than 15 implants that have been put to use by the adversary in attacks targeting industrial organizations in Eastern Europe