The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. The Hancitor downloader has been around for quite some time already. It has been known since at least 2016 for dropping Pony and Vawtrak. As a loader, it has been used to download other malware families, such as Ficker […]
Experts spotted a new malware, dubbed Moriya rootkit, that targets Windows systems as part of a cyberespionage campaign dubbed TunnelSnake. An unclassified threat actor employed a new stealthy malware, dubbed Moriya rootkit, to compromise Windows systems. Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been […]
Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. Researchers from cybersecurity firm Recorded Future’s Insikt Group have discovered six procurement documents from official People’s Liberation Army (PLA) military websites and other sources that demonstrate that PLA Unit 61419 has sought to purchase antivirus solutions from […]
A taste of the latest release of QakBot, one of the most popular and widely publicized banking trojans, active since 2007. The malware QakBot, also known as Qbot, Pinkslipbot, and Quakbot, is a banking trojan that has been making headlines since 2007. This piece of malware is focused on stealing banking credentials and victim’s secrets using […]
Cisco fixed critical flaws in SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts, and executing commands as root. Cisco has addressed critical vulnerabilities affecting SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts and executing commands as root. Cisco SD-WAN vManage Software flaws (CVE-2021-1275, CVE-2021-1468, CVE-2021-1505, CVE-2021-1506, CVE-2021-1508) could […]
Researchers found a critical vulnerability in HPE Edgeline Infrastructure Manager that could be exploited by a remote attacker to bypass authentication. Researchers from Tenable have disclosed a critical authentication bypass vulnerability in HPE Edgeline Infrastructure Manager (EIM), tracked as CVE-2021-29203, that could be exploited by attackers to compromise a customer’s cloud infrastructure. “A security vulnerability […]
A massive distributed denial of service (DDoS) attack shut down Belgium’s government websites; internal networks were also impacted. A massive distributed denial of service (DDoS) attack hit most of the Belgium government’s IT network; according to the media, the attack also knocked internal systems offline. People attempting to visit websites hosted on the Belnet network […]
The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers to fully compromise mail servers. The maintainers of the Exim email server software have released security updates to address a collection of 21 vulnerabilities, dubbed 21Nails, that can be exploited by attackers to take over […]
American multinational computer technology giant Dell addresses a 12-year-old driver flaw, tracked as CVE-2021-21551, impacting millions of computers. Hundreds of millions of Dell computers worldwide are affected by a 12-year-old vulnerability, tracked as CVE-2021-21551, that affects the Dell DBUtil driver. The flaw affects version 2.3 of the Dell BIOS driver; it is one of a series of […]
An Iran-linked APT group carried out a ransomware operation through a contracting company based in the country, Flashpoint researchers warn. Researchers from Flashpoint have uncovered a state-sponsored ransomware campaign conducted by Iran’s Islamic Revolutionary Guard Corps (IRGC) through an Iranian contracting company called “Emen Net Pasargard” (ENP) (aka “Imannet Pasargad,” “Iliant Gostar Iranian,” “Eeleyanet Gostar Iraniyan”). […]