Cybersecurity Attacks Archives - Page 7 of 41

CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / April 14, 2022 / CISA, CVE-2022-22954, Exploit, VMware, Workspace ONE

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog. VMware also confirmed known exploits in the wild have been detected for CVE-2022-22954.

CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities Read More »

cyber security, information security, data privacy-3400657.jpg

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / April 11, 2022 / Active Directory, CVE-2017-11317, CVE-2020-2509, CVE-2021-22600, CVE-2021-27852, CVE-2021-39793, CVE-2021-42278, CVE-2021-42287, CVE-2022-23176, Firebox, Microsoft, QNAP, WatchGuard, XTM

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities Read More »

Denonia malware targets AWS Lambda

Cloud Security, Cybersecurity Attacks, Malware / Frank Crast / April 8, 2022 / AWS, Cado Labs, Cryptocurrency, Cryptomining, Denonia, Lambda, XMRig

A first of its kind malware dubbed Denonia has been targeting Amazon Web Services (AWS) Lambda, an event-driven, serverless computing platform.

Denonia malware targets AWS Lambda Read More »

Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / April 8, 2022 / botnet, CVE-2022-22963, CVE-2022-22965, Mirai, Spring, Spring Framework, Spring4Shell

Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.

Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet Read More »

Deep Panda APT group launches new attacks against Log4Shell vulnerability to install Fire Chili rootkits

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / April 2, 2022 / APT, CVE-2021-44228, Deep Panda, FortiLabs, Log4j, log4Shell

In the past month, researchers from FortiLabs have detected a new cyber campaign involving Chinese Advanced Persistent Threat (APT) group Deep Panda that has exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.

Deep Panda APT group launches new attacks against Log4Shell vulnerability to install Fire Chili rootkits Read More »

FBI alert: RagnarLocker Ransomware targeted 52 entities

Cybersecurity Attacks, Malware / Frank Crast / March 9, 2022 / FBI, RagnarLocker, Ransomware

The Federal Bureau of Investigation (FBI) has issued a report of cybercriminals using RagnarLocker ransomware to target 52 entities across critical infrastructure sectors. The report includes the latest updates on indicators of compromise (IoC) on the ransomware threat.

FBI alert: RagnarLocker Ransomware targeted 52 entities Read More »

IsaacWiper: another disk wiping malware targets Ukraine systems

Cybercrime, Cybersecurity Attacks, Malware / Frank Crast / March 2, 2022 / HermeticWiper, IsaacWiper, malware, WhisperGate

Following on the footsteps of other destructive disk-wiping malware attacks, ESET researchers have also discovered a second wiper malware dubbed IsaacWiper targeting governmental networks in Ukraine.

IsaacWiper: another disk wiping malware targets Ukraine systems Read More »

Daxin: “most advanced piece of malware” designed to target hardened networks

Cybersecurity Attacks, Malware / Frank Crast / March 1, 2022 / backdoor, Broadcom, CISA, Daxin, JCDC, malware, Symantec

Symantec security researchers have discovered a new stealth malware dubbed “Daxin” they say is the most “advanced piece of malware” linked to Chinese threat actors and is designed to target hardened networks.

Daxin: “most advanced piece of malware” designed to target hardened networks Read More »

Threat actors deploy destructive disk-wiping malware against organizations in Ukraine

Cybersecurity Attacks, Malware / Frank Crast / February 28, 2022 / CISA, HermeticWiper, malware, MBR, Ukraine, WhisperGate

Threat actors have deployed destructive disk-wiping malware against organizations in Ukraine in order to destroy and make computer systems unusable.

Threat actors deploy destructive disk-wiping malware against organizations in Ukraine Read More »

SockDetour backdoor targets U.S. defense contractors

Cybercrime, Cybersecurity Attacks, Malware / Frank Crast / February 26, 2022 / CVE-2020-36195, CVE-2021-28799, eCh0raix, FTP, Qlocker, QNAP, SockDetour, SOHO, TiltedTemple

An advanced persistent threat (APT) campaign dubbed TiltedTemple has been using a “sophisticated tool” and malicious backdoor SockDetour to target U.S. defense contractors.

SockDetour backdoor targets U.S. defense contractors Read More »