Author: shortenage
GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry
6 February 2023Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. […]
Read More
Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack
6 February 2023Feb 06, 2023Ravie LakshmananHacktivist / Cyber Attack An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker NEPTUNIUM, which is an Iran-based […]
Read More
SaaS in the Real World: Who’s Responsible to Secure this Data?
6 February 2023When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data. What’s far murkier, however, is where the […]
Read More
OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability
6 February 2023Feb 06, 2023Ravie LakshmananAuthentication / Vulnerability The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. “This is not believed […]
Read More
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
6 February 2023Feb 06, 2023Ravie LakshmananMalvertising / Data Safety An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. “The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes,” SentinelOne researchers Aleksandar Milenkoski and Tom […]
Read More
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
4 February 2023A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate. “PixPirate belongs to the newest generation of Android […]
Read More
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
4 February 2023Feb 04, 2023Ravie LakshmananEnterprise Security / Ransomware VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. “These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021,” the Computer Emergency Response Team (CERT) of France said in an […]
Read More
Warning: Hackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFT
4 February 2023Feb 04, 2023Ravie LakshmananZero-Day / Vulnerability A zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra. The vulnerability is a case of remote code […]
Read More
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
3 February 2023Feb 03, 2023Ravie LakshmananAutomotive Security / Vulnerability Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft. The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure. […]
Read More
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
3 February 2023Feb 03, 2023Ravie LakshmananAttack Vector / Endpoint Security In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method […]
Read More