Security researchers detail a new phishing-as-a-service (Phaas) platform in a recently released report. The platform is an example of how initial access brokers gain a foothold in organizations’ networks. Robin Banks is the name of a new PhaaS platform which,…
Unsecured wi-fi networks have proven to be a gateway to many attacks. More particularly, poorly configured access point encryption (or services that allow data to be sent without being encrypted) has been outlined as one of the biggest threats to…
Security researchers detailed the discovery of a new, previously undetected malware sample specifically designed to target the Linux environment. The malware showcases sophisticated capabilities and is “an intricate framework developed for targeting Linux systems,” Intezer researchers said in their technical…
Security researchers reported the discovery of a new cross-platform ransomware strain coded to target Windows, Linux, and ESXi systems. Meet the New Cross-Platform Luna Ransomware Discovered by Kaspersky’s Darknet Threat Intelligence monitoring system, the so-called Luna ransomware is advertised on…
Apple has released fixes addressing 37 software vulnerabilities in its operating systems iOS, iPadOS, macOS, tvOS, and watchOS. The flaws affect different parts of iOS and macOS and could be used for escalation of privilege, arbitrary code execution, information disclosure…
A new macOS backdoor is making rounds in the wild in targeted attacks aiming to steal sensitive information. CloudMensis macOS Backdoor: What’s Known So Far The backdoor, called CloudMensis, is exclusively using public cloud storage services to communicate with the…
Microsoft 365 Defender Research Team and Microsoft Threat Intelligence Center (MSTIC) detailed a large-scale phishing campaign that utilized the so-called adversary-in-the-middle (AiTM) phishing sites. The sites were deployed to harvest passwords, hijack sign-in sessions, and skip authentication processes, including MFA…
Microsoft recently disclosed a macOS vulnerability, identified as CVE-2022-26706, that could allow specially crafted codes to escape the App Sandbox and run unrestricted. The findings have been shared with Apple via the Coordinated Vulnerability Disclosure and Microsoft Security Vulnerability Research…
CVE-2021-22048 is a high-severity privilege escalation vulnerability in the VMware vCenter Server IWA mechanism, which also affects the Cloud Foundation hybrid platform. Eight months after the vulnerability was disclosed, the company released a patch for one of the affected versions.…
Axie Infinity is a popular blockchain gaming platform which was involved in a large hacking incident resulting in the loss of $540 million in cryptocurrency. The platform is a non-fungible token-based online video game developed by Vietnamese studio Sky Mavis,…
CVE-2022-34265 is a new high severity vulnerability in the Django project, an open-source Python-based web framework. The vulnerability has been reported by Takuto Yoshikai from Aeye Security Lab. CVE-2022-34265: Short Technical Overview The vulnerability has been fixed in Django 4.0.6…
YTStealer is a new malware designed to steal YouTube authentication cookies. Discovered by Intezer researchers, the malware, which is based on the Chacal open-source GitHub project, operates as a typical stealer. Once installed, its first goal is performing environment checks…
Security researchers discovered a new sandbox evasion technique. Called API hammering, the technique involves the use of a large number of calls to Windows APIs to achieve an extended sleep condition. The latter helps to evade detection in sandbox environments.…
Cybersecurity researchers detected a new malware tool that helps threat actors build malicious Windows shortcut files, known as .LNK files. Quantum LNK Builder and the Use of .lnk Files Dubbed Quantum Lnk Builder, the tool is currently being offered for…
CVE-2019-11043 is a critical, three-year-old PHP vulnerability that currently exposes QNAP NAS devices. CVE-2019-11043 Technical Overview The vulnerability affects PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config. According to its technical profile,…
CVE-2022-22620 is a security vulnerability in Apple’s Safari browser which has been exploited in the wild. Originally patched in 2013, the flaw re-emerged in December 2016, Maddie Stone from Google Project Zero said in her analysis. The researcher referred to…
CVE-2022-25845 is a high-severity security flaw (rating 8.1 out of 10 on the CVSS scale) in the well-known Fastjson library which could be used in remote code execution attacks. Fortunately, the vulnerability is already patched. The vulnerability stems from deserialization…
Hertzbleed is a new family of side-channel attacks associated with frequency side channels that may allow information disclosure. The issue was discovered and detailed by a group of researchers from University of Texas, University of Washington, and University of Illinois…
Microsoft’s June 2022 Patch Tuesday has rolled out, containing fixes for 55 vulnerabilities, including the infamous Follina flaw. Until today, only a mitigation was available for the CVE-2022-30190 Microsoft Office zero-day which could be leveraged in arbitrary code execution attacks.…
PureCrypter is a new malware loader currently being developed by a threat actor known as PureCoder. The loader is fully-featured and has been sold in underground markets since at least March 2021, according to a new report by Zscaler researchers.…
