Armis researchers have found three vulnerabilities in APC Smart-UPS devices; they call the vulnerabilities collectively TLStorm. APC stated it had sold more than 20…
Vulnerabilities
SharkBot malware spreading through fake antivirus app on Google Play store
Threat actors have disguised their banking trojan as an antivirus app to avoid detection by Google Play. The banking trojan is called SharkBot. SharkBot, similar…
RuRAT campaign using innovative methods to get inside the system
RuRAT malware is being installed as part of a malicious drive; the malware allows remote access to affected devices. The attackers are masking as…
Unpatched GitLab servers vulnerable
An old vulnerability (CVE-2021-22205) is being actively exploited to take control of on-premise GitLab servers, Rapid7 researcher Jacob Baines remarks. What makes it worse is at…
Android vulnerabilities are being exploited to register disposable accounts
A study of SMS phone-verified account (PVA) services has revealed a rogue platform with a botnet underneath. The rogue platform has infected thousands of…
Hive’s encryption algorithm has flaws that were exploited to create Masterkey
Researchers have chronicled their attempt to decrypt data encrypted by Hive ransomware without relying on the private key that blocked access to the content.…
Cisco email security appliances under threat as attackers can crash appliances
Cisco has released patches for three vulnerabilities that have been plaguing its products—one vulnerability rated high severity in its Email Security Appliance (ESA). The…
PrivateLoader Malware Distribution Service is Blossoming in PPI Mode
The Pay-Per-Install (PPI) malware service, PrivateLoader, has been gaining popularity for delivering a motley assortment of malware. Usually, malware operators pay such service owners to…
Alert Overload and Handling – A Guide for Lean IT Security Teams
An alarming study revealed the stress and strains that the average cybersecurity team experiences daily. Nearly 70% of teams report feeling emotionally devastated by…
Samba: Critical Vulnerability Lets Attackers Gain Remote Code Execution
A Virtual File System of Samba was found to be vulnerable to Remote Code Execution. Versions before 4.13.17 were affected. Samba…