Security Affairs Archives - Page 396 of 1047

Pierluigi Paganini May 20, 2022

The activity of the Linux XorDdos bot increased by 254% over the last six months

Microsoft researchers have observed a spike in the activity of the Linux bot XorDdos over the last six months. XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014 it is a Linux Botnet that was employed in attacks against gaming and education websites with massive DDoS attacks that reached 150 gigabytes per second […]

Pierluigi Paganini May 20, 2022

Conti ransomware is shutting down operations, what will happen now?

The Conti ransomware gang shut down its operation, and some of its administrators announced a branding of the gang. Advanced Intel researcher Yelisey Boguslavskiy announced the that Conti Ransomware gang shuts its infrastructure and some of its administrators announced a rebranding of the popular RaaS operation. The news was reported by BleepingComputer that citing Boguslavskiy confirmed […]

Pierluigi Paganini May 19, 2022

Google OAuth client library flaw allowed to deploy of malicious payloads

Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token to deploy malicious payloads. Google addressed a high-severity authentication bypass flaw in Google OAuth Client Library for Java, tracked as CVE-2021-22573 (CVS Score 8.7), that could be exploited by an attacker with a compromised token […]

Pierluigi Paganini May 19, 2022

Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000

White hat hackers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022, $450,000 for exploits targeting Microsoft Teams. Pwn2Own Vancouver 2022 hacking contest has begun, it is the 15th edition of this important event organized by Trend Micro’s Zero Day Initiative (ZDI). This year, 17 contestants are attempting to exploit […]

Pierluigi Paganini May 19, 2022

China-linked Space Pirates APT targets the Russian aerospace industry

A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. The group has been active since at least 2017, researchers believe it is linked with other China-linked APT […]

Pierluigi Paganini May 19, 2022

CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws

CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws or to remove the affected products from their networks by May 23, 2022. The list of impacted […]

Pierluigi Paganini May 18, 2022

VMware fixed a critical auth bypass issue in some of its products

VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to install patches immediately. “This critical vulnerability should be patched or mitigated immediately per the […]

Pierluigi Paganini May 18, 2022

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Microsoft warns of brute-forcing attacks targeting Microsoft SQL Server (MSSQL) database servers exposed online. Microsoft warns of a new hacking campaign aimed at MSSQL servers, threat actors are launching brute-forcing attacks against poorly protected instances. The attacks are using the legitimate tool sqlps.exe, a sort of SQL Server PowerShell file, as a LOLBin (short for living-off-the-land binary). Microsoft warned of […]

Pierluigi Paganini May 18, 2022

Microsoft warns of the rise of cryware targeting hot wallets

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Data stolen from this kind of malware includes private keys, seed phrases, and […]

Pierluigi Paganini May 18, 2022

Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift

Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads. […]