Month: January 2023
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
28 January 2023Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. “A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and […]
Read More
Ukraine Hit with New Golang-based ‘SwiftSlicer’ Wiper Malware in Latest Cyber Attack
28 January 2023Jan 28, 2023Ravie LakshmananCyber Threat / Cyber War Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of […]
Read More
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service
27 January 2023Jan 27, 2023Ravie LakshmananThreat Response / Cyber Crime Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona “badbullzvenom.” eSentire’s Threat Response Unit (TRU), in an exhaustive report published following a 16-month-long investigation, said it “found multiple mentions of the badbullzvenom account being shared […]
Read More
Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices
27 January 2023Jan 27, 2023Ravie LakshmananEndpoint Security / Malware Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. “This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating […]
Read More
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox
27 January 2023Jan 27, 2023The Hacker NewsMalware Analyzing Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.RUN’s […]
Read More
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries
27 January 2023Jan 27, 2023Ravie LakshmananNation-State-Sponsored Attacks The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. “The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists […]
Read More
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
26 January 2023Jan 26, 2023Ravie LakshmananEncryption / Ransomware The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. “Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals,” Europol […]
Read More
Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation
26 January 2023Jan 26, 2023Ravie LakshmananThreat Analysis Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. “Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs,” the company’s Threat Analysis Group (TAG) said in […]
Read More
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA
26 January 2023Jan 26, 2023Ravie LakshmananEncryption / Windows Security Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year. Tracked as CVE-2022-34689 (CVSS score: 7.5), the spoofing vulnerability was addressed by […]
Read More
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham’s Ax Hacktivists Group
26 January 2023Jan 26, 2023Ravie Lakshmanan New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham’s Ax that emerged in November 2022. This is based on “several commonalities across the iconography, videography, and leak sites used by the groups, suggesting they are likely operated […]
Read More