RuRAT malware is being installed as part of a malicious drive; the malware allows remote access to affected devices. The attackers are masking as…
Vulnerabilities
Unpatched GitLab servers vulnerable
An old vulnerability (CVE-2021-22205) is being actively exploited for controlling on-premise Gitlab servers, Rapid7 researcher Jacob Baines remarks. What makes it worse is at…
Android vulnerabilities are being exploited to register disposable accounts
A study of SMS phone-verified account (PVA) services has revealed a rogue platform with a botnet underneath. The rogue platform has infected thousands of…
Hive’s encryption algorithm has flaws that were exploited to create Masterkey
Researchers have chronicled their decoding attempt, decoding the data infected with Hive ransomware without relying on the private key that blocked the content access.…
Cisco email security appliances under threat as Attackers can crash appliances
Cisco has released patches for three vulnerabilities that have been plaguing its products—one vulnerability rated high severity in its Email Security Appliance (ESA). The…
PrivateLoader Malware Distribution Service is Blossoming in PPI Mode
The Pay-Per-Install (PPI) malware service, PrivateLoader, has been acquiring popularity in delivering a motley of malware. Usually, malware operators pay such service owners to…
Alert Overload and Handling – A Guide for Lean IT Security Teams
An alarming study revealed the stress and strains that the average cybersecurity team experiences daily. Nearly 70% of teams report feeling emotionally devastated by…
Samba-Critical Vulnerability Let Attackers Gain Remote Code Execution
A Virtual File System of Samba was found to be vulnerable to Remote Code Execution. Versions before 4.13.17 were vulnerable to this vulnerability. Samba…
Many WordPress sites have become vulnerable as PHP RCE vulnerability identified
“PHP Everywhere” plugin for WordPress, which is used by more than 30,000 websites, has three critical remote code execution (RCE) vulnerabilities. PHP Everywhere, a…
Zimbra issues hotfix for XSS vulnerability under active exploitation
Attackers have targeted mailboxes in multiple waves across two attack phases. Business email platform Zimbra has released a hotfix for a cross-site scripting (XSS)…