Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like the XMRig cryptominer and the R77 rootkit, often in conjunction with SilentCryptoMiner.
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations.
Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection. “It is possible for unauthenticated, […]
Two men from Russia and Kazakhstan, Alex Khodyrev and Pavel Kublitskii, have been indicted in Tampa, Florida, for operating the Dark Web cybercriminal marketplace WWH Club.
Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads.
IBM webMethods Integration Server is hit by a critical flaw (CVE-2024-45076) with a CVSS score of 9.9, demanding urgent attention. This flaw allows authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware “targets mnemonic keys by scanning for images on your device that might contain them,” McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint […]
Red Hat has issued a critical security advisory for an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments.
A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial […]