After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub experts started observing attackers using it to deliver backdoors and crypto miners. At the end of March, the Drupal Security Team confirmed that a âhighly criticalâ vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on March 28th. The […]
Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]
Security experts at Trend Micro have discovered a new macOS backdoor that they linked to the APT 32 (OceanLotus, APT-C-00, SeaLotus, and Cobalt Kitty) cyber espionage group. The APT32 group has been active since at least 2013, according to the experts it is a state-sponsored hacking group. The hackers hit organizations across multiple industries and have also targeted foreign […]
The OceanLotus APT group, also known as APT32 and APT-C-00, has been using a new backdoor in recently observed attacks. The OceanLotus Group has been active since at least 2013, according to the experts it is a state-sponsored hacking group linked to Vietnam, most of them in Vietnam, the Philippines, Laos, and Cambodia. The hackers targeting […]
Security researcher Alexey Firsh at Kaspersky Lab last discovered a Telegram zero-day in the desktop Windows version that was exploited in attacks in the wild. Security researcher Alexey Firsh at Kaspersky Lab last discovered a zero-day vulnerability in the desktop Windows version of the popular Telegram instant messaging app. The bad news is that the […]
Lenovo discovered a firmware backdoor in RackSwitch and BladeCenter networking switch families during an internal security audit. Security experts at Levono have spotted a firmware backdoor, tracked CVE-2017-3765, in RackSwitch and BladeCenter networking switch families during an internal security audit. An authentication bypass affects only in RackSwitch and BladeCenter switches running ENOS (Enterprise Network Operating System), the tech giant […]
Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. Security experts at WordFence have discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. The WordPress team promptly removed the plugin from the official WordPress […]
Experts at Malwarebytes warns of a new variant of the macOS OceanLotus backdoor is using an innovative technique to avoid detection, A few years ago the bad actors realized they could use UNICODE characters that looked like English characters to lead unsuspecting victims to malicious websites. Now, they have figured out how to use a […]
A new report published by ClearSky linked a man accused by U.S. authorities of hacking into the systems of HBO to the Iranian cyber espionage group Charming Kitten. Experts from the security firm ClearSky have published a new detailed report on the activities of Charming Kitten APT group, also known as Newscaster and NewsBeef. The Newscaster group made the headlines […]
Malware researchers from Symantec have spotted a new cyber espionage APT dubbed Sowbug group that has been active at least since 2015. A new cyber espionage group dubbed Sowbug appeared in the threat landscape, according to the experts it has been active since 2015 and was involved in highly targeted attacks against a host of government organizations in […]