Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool
Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in Zoho ManageEngine ADAudit Plus tool. Security researchers...
News
A ransomware attack forced publishing giant Macmillan to shuts down its systems
A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The publishing giant Macmillan has...
SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide
Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers...
A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers
Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign....
ZuoRAT is a sophisticated malware that mainly targets SOHO routers
Researchers have analysed a campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest. The...
Raccoon Stealer returns with a new bag of tricks
The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon...
Immigration organisations targeted by APT group Evilnum
Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat (APT) attacks. Bleeping...
Pro-Russian hackers launched a massive DDoS attack against Norway
Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s...
The SessionManager IIS backdoor
Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules...
Korean cybersecurity agency released a free decryptor for Hive ransomware
Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions....
Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit
We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot...
DevOps vs SRE: Differences & Similarities
While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the...
Experts blame North Korea-linked Lazarus APT for the Harmony hack
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat...
Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former...
YTStealer info-stealing malware targets YouTube content creators
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new...
How to Present Cloud Risk to the Board
Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security...
Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers....
Mitre shared 2022 CWE Top 25 most dangerous software weaknesses
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top...
Brave Search wants to replace Google’s biased search results with yours
Brave Search, Brave Software’s privacy search engine, just turned one. To celebrate, the company says it is moving the search...
City worker loses USB stick containing data on every resident after day of drinking
A person working in the city of Amagasaki, in Western Japan, has mislaid a USB stick which contained data on...
Hermit spyware is deployed with the help of a victim’s ISP
Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful...
RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD
The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company...
NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE
This paper provides a taxonomic classification of non-state actors in the cyberspace, analyzing their role and impact on a state’s...
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these...
