Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of “improper neutralization of special elements” that could pave the way for arbitrary code […]
Fraud Management & Cybercrime , Social Engineering Escalation of Cyberespionage Likely Tied to Upcoming European Elections Akshaya Asokan (asokan_akshaya) • April 4, 2024 German agencies including the Federal Office for Information Security warned about an uptick in phishing emails targeting political parties. (Image: Shutterstock) German federal agencies warned that phishing attacks targeting political […]
Cybersecurity researchers at Netenrich have uncovered a new ransomware group called Red Ransomware Group (Red CryptoApp). This group operates differently from typical ransomware outfits, adding a twist to their extortion tactics. Unlike most ransomware groups that keep their operations under wraps, Red CryptoApp appears to be taking an aggressive approach. According to Netenrich, the group […]
Newly discovered HTTP/2 protocol vulnerabilities called “CONTINUATION Flood” can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
Cybercrime , Fraud Management & Cybercrime CoralRaider Looks for Social Media Accounts That Contain Payment Information Mihir Bagwe (MihirBagwe) • April 5, 2024 Cisco Talos traced the IP address of CoralRaider, financially motivated hackers, to Hanoi, Vietnam, pictured. (Image: Shutterstock) Vietnamese financially motivated hackers are targeting businesses across Asia in a campaign to […]
While similar to IcedID, Proofpoint researchers confirmed it is an entirely new malware, likely created by the IcedID developers. Latrodectus shares infrastructure overlap with historic IcedID operations.
First encountered in December 2019, JsOutProx is a RAT and highly obfuscated JavaScript backdoor that allows its operators to run shell commands, download additional payloads, execute files, capture screenshots, establish persistence, and more.