Category: Information Security

LummaC2

Passwords Obsolete? Hackers Target Your Web Sessions

CyberArk specialists report that attackers are mastering new methods of accessing users’ data without needing passwords or multifactor authentication requests. A prevalent technique involves intercepting web sessions through the theft of cookie...

CVE-2023-4911

Microsoft SharePoint Under Attack: CISA Issues Alert

The Cybersecurity and Infrastructure Security Agency (CISA) has expressed concern over the active exploitation of a vulnerability in Microsoft SharePoint, which allows attackers to launch attacks via remote code execution (RCE). The...

malicious LumiApps SDK

28 Android VPNs Found to be Secret Proxies

Twenty-eight free VPN applications on Google Play were found to employ a malicious SDK, transforming Android devices into residential proxies, likely utilized for cybercrimes and bot operations. The team at HUMAN discovered that these...

APT41 hacker

UK and US Accuse China of Election Hacking

On March 25th, the United Kingdom and the United States formally accused China of cyberattacks on democratic institutions, linking Chinese intelligence services to incidents at the Electoral Commission in 2021 and attempting to hack...

MuddyWater

MuddyWater Phishing: Atera Used to Spy on Israel

The cybersecurity firm Proofpoint has uncovered a new phishing campaign orchestrated by the Iranian faction MuddyWater. This operation disseminates legitimate remote monitoring and management software, Atera, among Israeli organizations within the global manufacturing, technology,...

UNC5174

UNC5174 Exploits Zero-Days: F5, Connectwise Hit

Mandiant specialists report that Chinese hackers, identified as UNC5174, are exploiting vulnerabilities in widely-used products to disseminate malicious software capable of installing additional backdoors on compromised Linux hosts. The attacks orchestrated by UNC5174 have...

Sign1 Malware

Massive Sign1 Malware Campaign Targets WordPress

Over the last six months, tens of thousands of web resources have fallen victim to a large-scale campaign deploying the previously unknown malicious program Sign1. Perpetrators have been embedding this malware into WordPress sites,...

CVE-2023-48788 PoC

Fortinet Vulnerability Exploited: Patch Now! PoC Published

Security researchers at Horizon3 have disclosed a Proof-of-Concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiClient EMS, which is currently being actively exploited by hackers. The SQL injection vulnerability, CVE-2023-48788 (with a CVSS...

Unsaflok

Unsafe Hotels? Millions of Rooms Vulnerable to Attack

Annually in August, thousands of cybersecurity professionals gather in Las Vegas for an event often dubbed the “hackers’ summer camp.” This period marks the convening of two of the largest information security conferences: Black...

TinyTurla-NG

NGO Targeted: UNC4210 Deploys TinyTurla-NG

The cybercrime collective known as UNC4210 orchestrated an attack on the digital infrastructure of a European non-governmental organization, deploying the malicious software TinyTurla-NG to establish a backdoor. This cyberattack was meticulously documented in a...