Attackers are planting RedLine Stealer trojan using an exploit kit. The attackers are taking advantage of an Internet Explorer flaw which was fixed by Microsoft last year. “When executed, RedLine Stealer performs recon against the target system (including username, hardware,…
Latest posts - Page 62
The top exploited vulnerabilities in 2021 have been revealed by cybersecurity firms
Cybersecurity authorities around the world have released a list of the top 15 vulnerabilities regularly exploited by threat actors in 2021, in collaboration with the NSA and the FBI. In a joint alert, the cybersecurity authorities recommended enterprises to patch…
SQLi could be used to modify student grades on the Greek education portal UniverSIS.
Academic grades were at danger due to a SQL injection (SQLi) vulnerability in an open-source platform established by Greek universities to manage student data. According to a blog post published by security researcher Stavros Mekesis, miscreants exploiting the weakness in…
Prynt Stealer: A new tool for attackers
Researchers have found a new infostealer on cybercrime forums having innumerable features. It can not only pilfer victims’ data but also execute financial thefts using clippers and keylogging. Researchers from Cyble have tracked Prynt Stealer in the wild and analysed…
Vulnerability in VirusTotal allows attackers to take control of unpatched third-party antivirus
Security researchers have revealed a security issue that could enable attackers to exploit the VirusTotal platform for remote code execution (RCE) on unpatched third-party sandboxing machines employed by antivirus engines. The vulnerability, now fixed, allowed to “execute commands remotely within…
FBI issues alert regarding BalckCat ransomware that has affected 60 organisations
The U.S. Federal Bureau of Investigation (FBI) has warned the public of the BlackCat ransomware-as-a-service (RaaS). The ransomware has affected 60 entities globally as of March 2022 (Emerged in November 2021). The ransomware, also known as ALPHV and Noberus, is…
Cryptocurrency miners have Dockers, AWS and Alibaba cloud in their crosshair
LemonDuck, a cross-platform cryptocurrency mining botnet, is attacking Docker to steal cryptocurrency on Linux systems. The attacks form part of a bigger malware campaign. “It runs an anonymous mining operation by the use of proxy pools, which hide the wallet…
Hackers infiltrate resumes sent to corporate hiring managers with the ‘More Eggs’ malware
A year after potential candidates looking for work on LinkedIn were tempted with weaponized job offers, a new series of phishing assaults carrying the more eggs malware has been detected attacking corporate hiring supervisors with false resumes as an infection…
Java encryption implementation error made it trivial to forge credentials
A critical flaw in the Java JDK’s handling of some encryption procedures makes it simple for attackers to create fake credentials. Oracle resolved the cryptographic flaw, which affects Java JDK versions 15 and later, with a patch distributed as part…
Android devices vulnerable to remote spying as flaws discovered in chipsets
Audio decoders of Qualcomm and Media Tek chips have been found to have three security vulnerabilities, and if the vulnerabilities are left unpatched, it could allow the attackers to remotely access media and audio conversations on affected mobiles. Check Point,…