Cybersecurity Attacks - Page 3 of 38

Symbiote: Linux malware ‘nearly impossible to detect’ threat

Cybersecurity Attacks, Malware / By Frank Crast / June 11, 2022 June 11, 2022 / Blackberry, BPF, Cyberattack, Cybersecurity Threat Center, Linux, malware, Symbiote

Researchers have discovered a new Linux malware dubbed Symbiote, a ‘nearly impossible to detect’ threat.

Microsoft exposes and disables Polonium activity targeting Israeli organizations

Cloud Security, Cybersecurity Attacks / By Frank Crast / June 7, 2022 June 7, 2022 / CreepyBox, CreepyDrive, CVE-2018-13379, Iran, Lebanon, Microsoft, MOIS, MSTIC, OneDrive, Polonium

Microsoft has exposed and disabled a Lebanon-based Polonium cyber activity targeting Israeli organizations.

Atlassian fixes Critical Confluence RCE vulnerability (CVE-2022-26134) exploited in the wild

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / June 4, 2022 June 4, 2022 / Atlassian, Confluence, CVE-2022-26134, Zero-day

Atlassian has fixed a Critical severity unauthenticated zero-day RCE vulnerability (CVE-2022-26134) in Confluence Server and Data Center.

Zoom patches XMPP vulnerability chain that could allow an attacker to compromise user over Zoom chat

Cybersecurity Attacks, Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 26, 2022 May 26, 2022 / CVE-2022-22784, CVE-2022-22785, CVE-2022-22786, CVE-2022-22787, Stanza, XMPP, Zoom

Zoom recommends users upgrade their Zoom client to version 5.10.0 to fix an XMPP vulnerability chain that could enable an attacker to execute remote code and compromise another user over Zoom chat.

XorDdos: DDoS malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / May 21, 2022 May 21, 2022 / DDoS, Linux, malware, XORDDoS

Over the past six months, Microsoft has observed a spike in cyberactivity of 254% from XorDdos, a trojan targeting Linux-based cloud systems and Internet of Things (IoT) devices.

CISA adds 5 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / May 10, 2022 June 16, 2022 / CISA, CVE-2019-8506, CVE-2021-1789

The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, two Microsoft and one OpenSSL vulnerability.

Emotet botnet reemerges with new threat behaviors

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / May 4, 2022 May 4, 2022 / AppX, botnet, Emotet, malware, TA542, XLL

Researchers from Proofpoint have observed the reemergence of Emotet botnet that has exhibited new behaviors in using new attack techniques.

The Top 15 mostly commonly exploited vulnerabilities in 2021

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 2, 2022 May 2, 2022 / CVE-2018-13379, CVE-2019-11510, CVE-2020-0688, CVE-2020-1472, CVE-2021-21972, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, CVE-2021-40539, CVE-2021-44228, log4Shell, ProxyLogon, ProxyShell, Zerologon

The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.

ransomware, cybersecurity, cyber-3998798.jpg

FBI: BlackCat ransomware has compromised 60 entities worldwide

Cybersecurity Attacks, Malware / By Frank Crast / April 25, 2022 April 25, 2022 / ALPHV, BlackCat, BlackMatter, Darkside, Ransomware, RUST

The Federal Bureau of Investigation (FBI) has released new information on BlackCat (also known as ALPHV) ransomware as a service (RaaS), that has compromised at least 60 entities worldwide as of March 2022.

APT actors targeting ICS/SCADA Devices with custom tools

Cybersecurity Attacks / By Frank Crast / April 18, 2022 April 18, 2022 / APT, CISA, DOE, ICS, OMRON, OPC UA, SCADA, Schneider

US Government cybersecurity experts are warning of advanced persistent threat (APT) actors using custom tools to target and compromise multiple industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices.