A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John Page aka (hyp3rlinx) discovered that malware from multiple ransomware operations, including Conti, REvil, LockBit, AvosLocker, and Black Basta, are affected by flaws that could be exploited block file encryption. Page shared its findings through its […]
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies. The Google TAG team published a report focused on cybersecurity […]
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng […]
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Both PlugX and ShadowPad malware are very common among China-linked cyberespionage […]
The Open Source Security Foundation (OpenSSF) is working on a tool to conduct a dynamic analysis of packages uploaded to popular open-source repositories. The Open Source Security Foundation (OpenSSF) announced the release of the first version of a new tool, dubbed Package Analysis, to perform dynamic analysis of the packages uploaded to popular open-source repositories. […]
The car rental company Sixt announced it was hit by a cyberattack that is causing temporary business disruptions at customer care centers and selective branches. The car rental company Sixt detected IT anomalies on April 29th, 2022 and immediately activated the incident response procedures. Later, the company confirmed that it was hit by a cyber-attack […]
The REvil ransomware gang has resumed its operations, experts found a new encryptor and a new attack infrastructure. The REvil ransomware operation shut down in October 2021, in January the Russian Federal Security Service (FSB) announced to have shut down the REvil ransomware gang, the group that is behind a long string of attacks against large organizations, such as Kaseya and JBS […]
IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. IoT devices can spy on people, steal data, or bring down vast swathes […]
Russia-linked APT29 (Cozy Bear or Nobelium) launched a spear-phishing campaign targeting diplomats and government entities. In mid-January 2022, security researchers from Mandiant have spotted a spear-phishing campaign, launched by the Russia-linked APT29 group, on targeting diplomats and government entities. The Russia-linked APT29 group (aka SVR, Cozy Bear, and The Dukes) has been active since at least 2014, […]
Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers that multiple critical Netatalk vulnerabilities affect some of its network-attached storage (NAS) devices. Netatalk is a free, open-source implementation of the Apple Filing Protocol that allows Unix-like operating systems to serve as a file server for macOS computers. QNAP NAS devices support the AFP protocol to […]