Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers. The campaign began around June 10 and already infected several thousand machines. The malicious […]
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems. The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS (DoH). The DoH protocol was a new standard proposed in October 2018 and it is […]
Magento addressed flaws that could be exploited by unauthenticated attackers to hijack administrative sessions and completely take over online stores. Magento addressed security vulnerabilities that could be chained by an unauthenticated attacker to hijack administrative sessions and completely take over online stores. The attacker would first exploit a Stored Cross-Site Scripting (XSS) vulnerability to inject […]
Kaspersky experts discovered that Sodinokibi, aka Sodin, Ransomware currently also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows The Sodinokibi Ransomware (aka Sodin, REvil) appeared in the threat landscape in April when crooks were delivering it by exploiting a recently patched Oracle WebLogic Server vulnerability. Now the threat is evolving, the Sodinokibi ransomware includes fresh […]
Opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a weakness in the popular web browser. The security expert Barak Tawily demonstrated that opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a 17-year-old known bug in […]
Group-IB believes Silence APT, the Russian-speaking cybercriminal gang, is likely to be behind the attack on Dutch Bangla Bankâs ATMs resulting in the theft of $3M, Group-IB, an international company that specializes in preventing cyber attacks, has established that Silence APT, a Russian-speaking cybercriminal group is likely to be behind the brazen attack on Dutch […]
US Cyber Command posted on Twitter an alert about cyber attacks exploiting the CVE-2017-11774 vulnerability in Outlook. Yesterday I was using Twitter when I noticed the following alert issued by the account managed by the US Cyber Command: The alert refers to an ongoing activity aimed at infecting government networks by exploiting the CVE-2017-11774 Outlook […]
Some court websites of a Georgia state were brought offline after their systems were infected by ransomware in a cyber attack. A Georgia state agency confirmed that a cyberattack has brought offline some court websites. According to local media, hackers infected the systems of the Georgia Administrative Office of the Courts with ransomware, “News outlets […]
Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. The problems began after the release of Firefox 65 in December 2018, since then experts […]
A new Ransomware appeared in the threat landscape, the malware began to threats the digital world. This time using a nice but scary name: LooCipher. Introduction A new Ransomware began to threats the digital world. This time using a nice but scary name: LooCipher. The name is at the same time an allusion to its capabilities (thank […]