Researchers unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor APT29, aka Cozy Bear, that has been spotted using WellMess malware in an ongoing attack campaign. click here to read full Article...
Two security bugs in Zimbra webmail could allow an adversary to access and control mail… Zimbra Webmail Platform Vulnerabilities Discovered That Could Compromise Mail Servers on Latest Hacking News. click here to read full...
Cybersecurity researchers on Friday unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively serving WellMess malware as part of an ongoing...
Sygnia researchers reported a new APT group—Praying Mantis or TG1021—targeting Microsoft IIS web servers to reach victims’ internal networks to steal sensitive data. To stay protected, researchers recommend patching .NET deserialization vulnerabilities and scanning...
For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. click here to read full...
Continuing with cracking down on cybercriminals, this time, the agencies have taken down an important… DoubleVPN Servers And Logs Seized In Joint EU Law Enforcement Operation on Latest Hacking News. click here to read...
Seemingly, a variant of the ransomware, Epsilon Red, relies on vulnerable Microsoft Exchange servers. Threat actors use them to launch mass server exploitation campaigns and try to expose companies’ information for revenue. click here...
At least 75% of the HSE’s IT servers have been decrypted and 70% of the health service’s computer devices have been restored to use following a cyber attack nearly six weeks ago. click here...
UChecker, an abbreviation for “userspace checker,” works with all modern Linux distributions and provides detailed actionable information on which application is using which vulnerable library. click here to read full Article Read More on...
Japanese multinational conglomerate Fujifilm has shut down part of its network to investigate a potential ransomware attack. The company, famous for its digital imaging products but also produces high-tech medical kits, including devices for...
The flaw is caused by the lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by default in the vCenter Server. The vulnerability has received a CVSS score...
The malware’s core functionality enables operators to launch DDoS attacks, backdoor infected systems, sniff and exfiltrate network traffic, and deploy XMRig miners to mine for Monero cryptocurrency. click here to read full Article Read...
IMAPLoginTester is a simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login to the respective IMAP...
A wormable vulnerability in the HTTP Protocol Stack of the Windows IIS server can also be used to attack unpatched Windows 10 and Server systems publicly exposing the WinRM service. click here to read...
A Black Path Toward The Sun (TCP tunneling over HTTP for web application servers) https://www.blackhat.com/us-16/arsenal.html#a-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS uses a Python client script and a web application server page/package[1] to tunnel...
Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its...
