Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick along the way.

DARKReading
Open in Source
#vulnerability#web#mac#microsoft#ddos#dos#git#backdoor#rce#auth
Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow "remote code execution and

Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign

Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the activity under its insect-themed moniker Lancefly, with the attacks making use of a "powerful"

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. "This trend is especially noteworthy given the fact that ESXi

CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware. "Similar to web shell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS SQL server,

The UK’s Secretive Web Surveillance Program Is Ramping Up

A government effort to collect people’s internet records is moving beyond its test phase, but many details remain hidden from public view.

New Variant of Linux Backdoor BPFDoor Uncovered After Years of Staying Under the Radar

A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with this latest iteration," security researchers Shaul Vilkomir-Preisman and Eliran Nissan said. BPFDoor (

CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks

By Deeba Ahmed CACTUS ransomware operators target large-scale commercial organizations with double extortion to steal sensitive data before encryption. This is a post from HackRead.com Read the original post: CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks

Microsoft reports two Iranian hacking groups exploiting PaperCut flaw

By Deeba Ahmed The two groups exploiting the vulnerability are Mango Sandstorm and Mint Sandstorm. Both are linked to the Iranian government and intelligence agencies. This is a post from HackRead.com Read the original post: Microsoft reports two Iranian hacking groups exploiting PaperCut flaw

Navigating mobile malware trends: Crucial insights and predictions for MSPs

Categories: Business How MSPs can prepare for the complex landscape of mobile malware. (Read more...) The post Navigating mobile malware trends: Crucial insights and predictions for MSPs appeared first on Malwarebytes Labs.