A new macOS variant of a malware implant has been discovered. The so-called Gimmick malware is attributed to a threat group, known as Storm Cloud. The Gimmick malware has been described as feature-rich and multi-platform, using public cloud hosting services,…
Security researchers reported several new vulnerabilities in Dell BIOS that could lead to remote code execution attacks. The said, highly severe vulnerabilities are tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, with a severity rating of 8.2 out of 10…
Browser-in-the-browser (BitB) is a new type of attack that can be leveraged to simulate a browser window within the browser to spoof a legitimate domain. The technique can be used to perform credible phishing attacks. Browser-in-the-Browser Phishing Technique Explained Discovered…
A new rootkit has been detected in the wild, targeting Oracle Solaris systems and aiming at ATMs. According to Mandiant research and analysis, the so-called UNC2891 threat actors initiated rootkit intrusions that appeared to be financially motivated, in some cases…
DirtyMoe is the name of a new malware sample with worming capabilities (with cryptomining as a primary purpose) analyzed by Avast researchers. The analysis reveals that the worming module targets older, well-known vulnerabilities, such as Eternal blue and Hot Potato.…
Have you heard of protestware? Researchers have been tracking the so-called protestware projects across GitHub with recently added code that displays “Stand with Ukraine” messages. The same researchers are also tracking several code packages, recently modified to delete files on…
A new Intel 471 whitepaper throws light on the ransomware variants detected in the fourth quarter of 2021. 722 ransomware attacks were detected during the fourth quarter of last year, which is an increase of 110 attacks recorded from the…
Security researchers disclose another data wiper aimed at Ukraine, CaddyWiper. CaddyWiper Was Compiled Hours Before Deployment CaddyWiper is a destructive malware discovered by ESET researchers. The wiper was first observed on March 14, around 9:38 UTC, and according to caddy.exe…
Security researcher Nick Gregory recently discovered and reported a new Linux kernel vulnerability. Tracked as CVE-2022-25636, the issue impacts Linux kernel versions 5.4 through 5.6.10. The vulnerability is triggered by a heap-of-bounds write in the Netfilter subcomponent of the kernel,…
Russia currently offers its own TLS (Transport Layer Security) CA (certificate authority) that should fix the issue of renewing certificates issued by other countries. Russia’s New TLS Certificate Authority The event is connected to the numerous sanctions imposed by western…
“The criminal crypto world combines old and new ways to manipulate markets,” say Chainanalysis and Avast experts. According to a recent Chainanalysis write-up, North Korean hackers had a very successful 2021 year. As a result of launching at least seven…
Security researchers report the discovery of a new ransomware which displays similarities to Hive. The latter has been considered one of the most prominent ransomware families of 2021, successfully breaching more than 300 organizations in just four months, Trend Micro’s…
71 security vulnerabilities were fixed by Microsoft in its March 2022 Patch Tuesday, three of which rated critical and the rest rated as important. The Three Critical Vulnerabilities in March 2022 Patch Tuesday Fortunately, none of them is listed as…
Google is buying cybersecurity company Mandiant in an all-cash deal, valued at $5.4 billion. The news comes from an announcement the two companies recently made. According to Google’s press release, Google has signed “a definitive agreement to acquire Mandiant Inc.”,…
A new set of supply chain vulnerabilities have been discovered affecting PTC’s Axeda agent, affecting various vendors in a range of industries, including healthcare and financial. Axeda offers a scalable foundation to build and deploy enterprise-grade applications for connected products,…
A new dangerous Linux vulnerability is lurking in unpatched distributions. Called Dirty Pipe and tracked as CVE-2022-0847, the vulnerability is located in the kernel (since version 5.8), creating the possibility for threat actors to overwrite arbitrary data into any read-online…
A new high-severity Linux kernel vulnerability could have been abused to escape a container in order to execute arbitrary commands on the host. The vulnerability is tracked as CVE-2022-0492, and has been detailed by Palo Alto Unit 42 Networks researchers.…
Two out-of-band updates were just released to address a couple of zero-day vulnerabilities in Mozilla Firefox. Mozilla says that both vulnerabilities are being actively exploited in the wild, meaning that patching should be done as soon as possible. Due to…
Another stealthy, rootkit backdoor used for espionage has been uncovered. The malware, dubbed Daxin and Backdoor.Daxin, is capable of carrying out attacks against hardened networks, said Symantec Threat Hunter team researchers. A Look into Daxin Backdoor Daxin is described as…
Security researchers detected a new advanced persistent threat campaign, which was first identified in relation to the Zoho ManageEngine ADSelfService Plus vulnerability CVE-2021-40539 and ServiceDesk Plus vulnerability CVE-2021-44077. According to Palo Alto Unit 42, the threat actors behind the campaign…
