Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Lazarus Group's infrastructure reuse leads to discovery of new malware

Lazarus Group appears to be changing its tactics, increasingly relying on open-source tools and frameworks in the initial access phase of their attacks, as opposed to strictly employing them in the post-compromise phase.

TALOS
Open in Source
#vulnerability#web#mac#windows#microsoft#amazon#linux#cisco#git#php#log4j#auth#ssl
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption

The driver is vulnerable to memory corruption if an adversary sends a specially crafted shader packer, which can lead to a memory corruption problem in the driver.

Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware

A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. CypherRAT and CraxsRAT are said to be offered to other cybercriminals as

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

TSPlus 16.0.2.14 Insecure Permissions

TSPlus version 16.0.2.14 suffers from an insecure permissions vulnerability.

Update now! WinRAR files can be abused to run malware

Categories: Exploits and vulnerabilities Categories: News Tags: WinRAR Tags: CVE-2023-40477 Tags: RCE Tags: Windows 11 A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. (Read more...) The post Update now! WinRAR files can be abused to run malware appeared first on Malwarebytes Labs.

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The attacks, per the cybersecurity firm, leverage a trojanized version of a legitimate software called

New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China

The hackers, who mostly targeted victims in Hong Kong, also hijacked Microsoft’s trust model to make their malware harder to detect.

Chinese Hackers Using Stolen Ivacy VPN Certificate To Sign Malware

By Waqas Bronze Starlight hackers have been cleverly utilizing a valid Ivacy VPN code-signing certificate to target the Southeast Asian gambling industry. This is a post from HackRead.com Read the original post: Chinese Hackers Using Stolen Ivacy VPN Certificate To Sign Malware