Day: October 28, 2022

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

28 October 2022

Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS score: 8.1) in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo. “This vulnerability can […]

Read More

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

28 October 2022

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. “These droppers continue the unstopping evolution of malicious apps sneaking to the official store,” Dutch mobile security firm ThreatFabric […]

Read More

Cloud Security Made Simple in New Guidebook For Lean Teams

28 October 2022

Cloud computing was the lifeline that kept many companies running during the pandemic. But it was a classic case of medicine that comes with serious side effects. Having anywhere, anytime access to data and apps gives companies tremendous flexibility in a fast-changing world, plus the means to scale and customize IT at will. The cloud […]

Read More

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

28 October 2022

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a report shared with The Hacker News. The dropper “is being used to install […]

Read More

Implementing Defense in Depth to Prevent and Mitigate Cyber Attacks

28 October 2022

The increased use of information technology in our everyday life and business has led to cyber-attacks becoming more sophisticated and large-scale. For organizations to thrive in this era of technology, they must develop robust security strategies to detect and mitigate attacks. Defense in depth is a strategy in which companies use multiple layers of security […]

Read More

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints

28 October 2022

The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware. It is “part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread,” the Microsoft Security Threat Intelligence Center (MSTIC) […]

Read More