A new severe security vulnerability in IT service management software platform ConnectWise has been reported. The vulnerability affects the company’s Recover and R1Soft Server Backup Manager (SBM). The vulnerability has been described as “Improper Neutralization of Special Elements in Output…
What Is CVE-2022-3723? Google rolled out a security fix for a high severity vulnerability in its Chrome browser. CVE-2022-3723 is a type confusion issue in V8 JavaScript engine which was reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast.…
VMware just fixed a privately reported remote code execution vulnerability in its Cloud Foundation product. Known under the CVE-2021-39144 identifier, the vulnerability has a critical severity score of 9.8 out of 10. Fortunately, updates are already available for the affected…
Apple recently released updates to fix a zero-day, known as CVE-2022-42827, in iOS and iPadOS. According to the company, the vulnerability, which was reported anonymously, has been exploited in the wild. CVE-2022-42827 in Detail The vulnerability is an out-of-bounds write…
A new malicious framework has been discovered, featuring a command and control server and a new malware known as Insekt. Alchimist Framework Technical Overview Called Alchimist, the framework has a web interface written in Simplified Chinese and implemented in GoLang,…
Security researchers discovered a modified WhatsApp build, YoWhatsApp version 2.22.11.75 which hides a malicious module detected as Trojan.AndroidOS.Triada.eq (Triada trojan). YoWhatsApp Hides a Malicious Module According to Kaspersky’s Secure List, the module decrypted and launched the trojan’s main payload. The…
What has been patched in October 2022 Patch Tuesday? Microsoft has issued patches for 85 vulnerabilities, including one zero-day. Unfortunately, the so-called ProxyNotShell flaws (CVE-2022-41040 and CVE-2022-41082), have not been patched yet, and affected parties should follow Microsoft’s mitigation recommendations.…
Security researchers detected a number of malicious adult websites that push a fake ransomware, which in reality is a data wiper. Adult Websites Pushing a Fake Ransomware Instead of encrypting the victim’s data, the ransomware acts as a wiper, attempting…
Security researchers have detailed a new, multi-functional malware. Called LilithBot, the malware is associated with the Eternity Project threat group which has been active since at least January 2022. Another Addition to the Eternity Project’s Malware Arsenal The Eternity threat…
Two new zero-day vulnerabilities in Microsoft Exchange were recently reported by Microsoft and GTSC researchers. The two vulnerabilities, identified as CVE-2022-41040 and CVE-2022-41082, are known collectively as the ProxyNotShell exploit. CVE-2022-41040 is a server-side request forgery issue which can be…
The Prilex malware is back once again in three new versions. The malware has slowly been evolving from ATM-focused towards modular point-of-sale (PoS) malware. The Brazilian threat actor behind it has carried out “one of the largest attacks on ATMs…
We’re in the season of aggressive malware campaigns, evident by the increased number of attacks detected and analyzed by security researchers. One specific type of malware is especially important to carrying out successful distribution campaigns – the dropper. NullMixer is…
The Emotet malware is once again making the titles. According to a new AdvIntel report, so far in 2022, a total of 1,267,598 Emotet infections have been detected worldwide, with significant peaks between February and March, and June and July.…
This week Apple released an emergency update to address a new zero-day vulnerability that affects macOS and iOS. CVE-2022-32917 Zero-Day: Overview Reports indicate that the zero-day has already been exploited in the wild. Tracked as CVE-2022-32917 and reported anonymously, the…
There’s a new dangerous Linux malware circling the web. Dubbed Shikitega, the malware has been infecting both Linux computers and IoT devices with additional payloads. How Does the Shikitega Malware Operate to Infect a Linux System? Discovered by T&T Alien…
Cybersecurity researchers just uncovered another phishing-as-a-service [PaaS] platform. Called EvilProxy, the platform is specialized in reverse proxy phishing campaigns aiming to circumvent MFA [multi-factor authentication] mechanisms. EvilProxy: Reverse Proxy Phishing-as-a-Service Platform In computer networking, reverse proxy is a server situated…
A security loophole affecting Google Chrome, Apple’s Safari and Mozilla Firefox was recently discovered by security researcher Jeff Johnson. The flaw could enable malicious pages to automatically overwrite clipboard content without the need of user interaction. Chrome, Safari and Firefox…
A high severity vulnerability in the TikTok Android app has been fixed. The flaw could enable attackers to take over user accounts by tricking users into clicking a malicious link. Discovered by Microsoft, the vulnerability has already been fixed. Related…
ModernLoader is a new remote access trojan detected by Cisco Talos researchers. ModernLoader Campaigns in the Wild More specifically, the researchers analyzed three separate, but related campaigns in the period March-June 2022 that delivered ModernLoader, RedLine and several cryptocurrency miners.…
Agenda is a new strain of Golang ransomware specifically targeting healthcare and education organizations in Indonesia, Thailand, South Africa, and Saudi Arabia. Discovered by Trend Micro researchers, Agenda ransomware can reboot compromised systems in safe mode and can attempt to…
