A new dangerous Linux vulnerability is lurking in unpatched distributions. Called Dirty Pipe and tracked as CVE-2022-0847, the vulnerability is located in the kernel (since version 5.8), creating the possibility for threat actors to overwrite arbitrary data into any read-online…
A new high-severity Linux kernel vulnerability could have been abused to escape a container in order to execute arbitrary commands on the host. The vulnerability is tracked as CVE-2022-0492, and has been detailed by Palo Alto Unit 42 Networks researchers.…
Two out-of-band updates were just released to address a couple of zero-day vulnerabilities in Mozilla Firefox. Mozilla says that both vulnerabilities are being actively exploited in the wild, meaning that patching should be done as soon as possible. Due to…
Another stealthy, rootkit backdoor used for espionage has been uncovered. The malware, dubbed Daxin and Backdoor.Daxin, is capable of carrying out attacks against hardened networks, said Symantec Threat Hunter team researchers. A Look into Daxin Backdoor Daxin is described as…
Security researchers detected a new advanced persistent threat campaign, which was first identified in relation to the Zoho ManageEngine ADSelfService Plus vulnerability CVE-2021-40539 and ServiceDesk Plus vulnerability CVE-2021-44077. According to Palo Alto Unit 42, the threat actors behind the campaign…
A new data wiper malware has been discovered, reportedly used in attacks against machines in Ukraine, following the news of Russia launching a military operation against the country. HermeticWiper Malware Used in Attacks Against Ukraine The wiper malware has been…
Another information stealer is being distributed with the help of pirated software websites. CryptBot, a well-known infostealer, has been “seen” on numerous sites that offer free downloads for cracked games and pro-grade software. CryptBot: A Constantly Evolving Infostealer Cryptbot has…
An NFT-related cybersecurity incident involving the OpenSea NFT marketplace took place over the weekend. Apparently, threat actors exploited a smart contract migration to deceit 17 users, resulting in a loss of nearly 3 million dollars worth of NFTs (non-fungible tokens).…
Great news for Hive ransomware victims – security researchers found a way to decipher its encryption algorithm without using the master key. A group of academics from South Korea’s Kookmin University have shared their curious findings in a detailed report…
CVE-2022-24087 is another critical vulnerability that Adobe had to address quickly, following the disclosure of CVE-2022-24086. CVE-2022-24087: New Critical Adobe Bug CVE-2022-24086 is a critical, zero-day security vulnerability that affected Adobe’s Commerce and Magento open-source products. The vulnerability, which has…
There’s hardly anyone today who hasn’t heard about NFTs. However, how many of us do actually understand the concept of NFT? Being a cybersecurity website, we decided to have a look at the security side of the so-called non-fungible tokens.…
Google recently announced “a multi-year initiative to build the Privacy Sandbox on Android”. The Goal of Privacy Sandbox on Android The goal of the initiative is introducing new, more privacy-oriented advertising solutions that will limit the sharing of user data…
A new variant of the MyloBot malware is used in sextortion campaigns. Apparently, the malware deploys malicious payloads that hackers use to send sextortion emails with demands of $2,732 in cryptocurrency. New Version of MyloBot Detected Minerva researchers recently came…
CVE-2022-0609 is a new zero-day vulnerability in Google Chrome which has been used by threat actors in attacks. CVE-2022-0609 in Google Chrome – What Is Known? Google has already released Chrome 98.0.4758.102 for Windows, Mac, and Linux to address the…
CVE-2022-24086 is a critical, zero-day security vulnerability affecting Adobe’s Commerce and Magento open-source products. The vulnerability, which has a CVSS score of 9.8 out of 10, is actively exploited in the wild in limited attacks. Fortunately, a patch is already…
Security researchers have been observing an increasing exploitation of regsvr32.exe, which is a Windows living-off-the-land binary, shortly known as LOLBin. Some of the analyzed malware samples belong to Qbot and Lokibot, according to Uptycs researchers. Threat Actors Abusing Regsvr32 What…
Currently, active campaigns against Android users are carrying FluBot and Medusa banking trojans. Both trojans are using the same distribution mechanism in a simultaneous attack campaign. The discovery comes from security researchers at ThreatFabric. Medusa and FluBot Trojans Working Together…
CVE-2022-24348 is a high-severity security vulnerability in Argo CD that could enable threat actors to access a victim’s application-development environments, making it possible to harvest passwords, API keys, tokens, among other sensitive details. CVE-2022-24348 in Argo CD Needs Immediate Patching…
According to an alert released by CISA (U.S. Cybersecurity and Infrastructure Agency), federal agencies should immediately address CVE-2022-21882, a Win32k Elevation of Privilege vulnerability. CVE-2022-21882 Elevation of Privilege Windows Vulnerability The Windows flaw could be exploited by threat actors to…
Security researchers recently uncovered a malicious campaign using SEO poisoning to trick potential victims into downloading the BATLOADER malware. The attackers used created malicious sites packed with keywords of popular software products, and used search engine optimization poisoning to make…
