PureCrypter is a new malware loader currently being developed by a threat actor known as PureCoder. The loader is fully-featured and has been sold in underground markets since at least March 2021, according to a new report by Zscaler researchers.…
Here’s an example of an actively exploited vulnerability which is now used by ransomware operators: CVE-2022-26134. This is indeed the critical Atlassian unauthenticated remote code execution vulnerability in its Confluence Server and Data Center. The vulnerability ensures initial access to…
HelloXD is the name of a relatively new ransomware family which has been carrying out double extortion attacks since November 2021. The ransomware has multiple variants that impact both Windows and Linux systems. What distinguishes HelloXD from other, similar ransomware…
A team of MIT CSAIL researchers recently disclosed PACMAN, “a novel hardware attack that can bypass Pointer Authentication (PAC) on the Apple M1 CPU.” The attack is based on speculative execution attacks to circumvent a central memory protection mechanism, known…
Symbiote, discovered by Blackberry researchers, is a new Linux malware designed to infect all running processes on infected machines. The malware is capable of stealing account credentials and providing backdoor access to its operators. A Look into Symbiote Linux Malware…
Recently, we wrote about the so-called Follina Windows vulnerability which was later given the CVE-2022-30190 identifier. The vulnerability was unearthed by the nao_sec research team, following the discovery of a Word Document uploaded to VirusTotal from a Belarusian IP address.…
Emotet malware is back with a new module designed to siphon credit card details specifically in Chrome. Emotet Is Back… Again The discovery comes from Proofpoint researchers who observed the new module being dropped by the E4 botnet. “To our…
A new malware loader on the rise. Hp Threat Research has released a new report detailing a new loader. The researchers have been observing new malicious spam campaigns since the end of April 2022, distributing a previously unknown malware, called…
Two security vulnerabilities, CVE-2022-30790 and CVE-2022-30552, were discovered in U-boot, a popular boot loader for embedded systems. The loader has many implementations for various architectures, and is present in most Linux-based embedded systems, including ChromeOS and Android. The two vulnerabilities…
Apple recently previewed its latest macOS Ventura version, which is expected to be released this fall. The operating system introduces many improvements and new features, one of which the so-called Rapid Security Response. macOS Ventura Introduces Rapid Security Response The…
Apple has released a new report dedicated to its App Store, revealing that the company protected its customers from losing approximately $1.5 billion in fraudulent transactions. Altogether, Apple stopped more than 1.6 million suspicious apps and app updates from affecting…
GitLab has discovered and fixed a highly critical vulnerability that could lead to account takeover. Tracked as CVE-2022-1680 and rated 9.9 out of 10 on the CVSS scale, the flaw affects all versions of GitLab Enterprise Edition from 11.10 before…
CVE-2022-26134 is a new critical unauthenticated remote code execution vulnerability in Confluence Server and Data Center. Atlassian has already confirmed that all supported versions of Confluence Server and Data Center are affected. However, the earliest affected version should be confirmed…
Security researchers discovered a malicious operation that made at least $1.7 million from cryptocurrency mining and clipboard hijacking. Unearthed by Symantec’s Threat Hunter Team, the malware in the operation, ClipMiner, shares lots of similarities with the KryptoCibule trojan, and it…
The XLoader, also known as Formbook, malware has now been equipped with new capabilities. Check Point security researchers have observed an enhanced version that has adopted a probability-based method to conceal its command-and-control servers. By implementing this approach, it is…
User tracking has been taken to another level. Vodafone, one of the largest telecommunications corporations in the world, is introducing a new advertising ID system, which is currently being tested in Germany together with Deutsche Telekom. TrustPid System Introduces Persistent…
Yesterday we reported the emergence of a new zero-day affecting Microsoft Office and other Microsoft products, dubbed Follina by researcher Kevin Beaumont. The issue exists in all currently supported Windows versions, and can be leveraged via Microsoft Office versions 2013…
Follina, now known as CVE-2022-30190 (mitigation is also available), is the name of a new zero-day in Microsoft Office that could be leveraged in arbitrary code execution attacks. The vulnerability was unearthed by the nao_sec research team, following the discovery…
A new distributed denial-of-service botnet has been detected in the wild. Update. According to a new research released by AT&T, EnemyBot is now quickly adopting “one-day vulnerabilities as part of its exploitation capabilities.” Services such as VMware Workspace ONE, Adobe…
Security researchers from cybersecurity firm Cisco Talos recently discovered eight vulnerabilities in the Open Automation Software (OAS) Platform. Vulnerabilities in the Open Automation Software Platform (CVE-2022-26082) The vulnerabilities could be used in various attacks, including denial-of-service caused by improper authentication.…
