Lightning Framework, modular Linux malware
Researchers at Intezer have published a technical analysis of Lightning Framework, a previously undocumented and undetected Linux threat. Lightning is...
News
Lock down your Neopets account: Data breach being investigated
Bad news for players of long-time virtual pet management title Neopets. Word is spreading of a compromise claimed to have...
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop. Threat actors are...
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
Introduction Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they...
CosmicStrand, a new sophisticated UEFI firmware rootkit linked to China
Kaspersky uncovered a new UEFI firmware rootkit, tracked as CosmicStrand, which it attributes to an unknown Chinese-speaking threat actor. Researchers...
LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities
In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our...
Flaws in FileWave MDM could have allowed to hack +1000 organizzations
Multiple flaws in FileWave mobile device management (MDM) product exposed organizations to cyberattacks. Claroty researchers discovered two vulnerabilities in the...
Lockbit ransomware gang claims to have breached the Italian Revenue Agency
The ransomware group Lockbit claims to have stolen 78 GB of files from the Italian Revenue Agency (Agenzia delle Entrate). The ransomware gang...
Amadey malware spreads via software cracks laced with SmokeLoader
Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites....
Drupal developers fixed a code execution flaw in the popular CMS
Drupal development team released security updates to fix multiple issues, including a critical code execution flaw. Drupal developers have released...
Is APT28 behind the STIFF#BIZON attacks attributed to North Korea-linked APT37?
North Korea-linked APT37 group targets high-value organizations in the Czech Republic, Poland, and other countries. Researchers from the Securonix Threat...
Security Affairs newsletter Round 375 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
A database containing data of 5.4 million Twitter accounts available for sale
Threat actor leaked data of 5.4 million Twitter users that were obtained by exploiting a now patched flaw in the...
FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks
The U.S. DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. The...
SonicWall fixed critical SQLi in Analytics and GMS products
Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System...
Account lockout policy in Windows 11 is enabled by default to block block brute force attacks
Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with...
Hackers breached Ukrainian radio station to spread fake news about Zelensky ‘s health
Threat actors hacked the Ukrainian radio station TAVR Media and broadcasted fake news on the critical health condition of President...
Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists
The spyware developed by Israeli surveillance firm Candiru exploited recently fixed CVE-2022-2294 Chrome zero-day in attacks on journalists. Researchers from...
TA4563 group leverages EvilNum malware to target European financial and investment entities
A threat actor tracked as TA4563 is using EvilNum malware to target European financial and investment entities. A threat actor,...
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware...
Threat actors target software firm in Ukraine using GoMet backdoor
Threat actors targeted a large software development company in Ukraine using the GoMet backdoor. Researchers from Cisco Talos discovered an...
Lightning Framework, a previously undetected malware that targets Linux systems
Researchers discovered a previously undetected malware dubbed ‘Lightning Framework’ that targets Linux systems. Researchers from Intezer discovered a previously undetected...
Atlassian patched a critical Confluence vulnerability
Atlassian released security updates to address a critical security vulnerability affecting Confluence Server and Confluence Data Center. Atlassian released security updates...
Ring shares data with police without consent (but it’s in good faith), says Amazon
Ring, the Amazon-owned company behind the popular smart doorbells, has admitted to giving doorbell data to law enforcement willy-nilly. All...
