APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise.
Continue ReadingCategory: Hacks
Sysrv-K Botnet Targets Windows, Linux
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.
Continue ReadingMalware Builder Leverages Discord Webhooks
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.
Continue ReadingNovel Phishing Trick Uses Weird Links to Bypass Spam Filters
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.
Continue ReadingHackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released.
Continue ReadingFBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.
Continue ReadingUSB-based Wormable Malware Targets Windows Installer
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
Continue ReadingVHD Ransomware Linked to North Korea’s Lazarus Group
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.
Continue ReadingChina-linked APT Caught Pilfering Treasure Trove of IP
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
Continue ReadingAttackers Use Event Logs to Hide Fileless Malware
A sophisticated campaign utilizes a novel anti-detection method.
Continue Reading