Cybersecurity
Category Added in a WPeMatico Campaign
Attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed denial-of-service (DDoS) attacks, according to a warning from researchers at the AhnLab Security Emergency Response Center. According to AhnLab, attacks targeting MySQL on Windows have increased in frequency with vulnerable MySQL servers infected with ‘Ddostf’, a DDoS-capable botnet of Chinese […]
Users are advised to avoid exposing Azure CLI output in logs, regularly rotate keys and secrets, and review best practices for securing Azure Pipelines and GitHub Actions to prevent accidental exposure of sensitive information.
The SQL injection vulnerability, tracked as CVE-2023-6063 and with a high-severity score of 8.6, can be exploited by manipulating a cookie value to execute unauthorized SQL queries. Over 600,000 websites are still running the vulnerable plugin.
Nov 15, 2023NewsroomVulnerability / Hardware Security Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to “allow escalation of privilege and/or information disclosure and/or denial of service via local access.” Successful exploitation of […]
Nov 15, 2023NewsroomNetwork Securit / Vulnerability VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. “On an […]
A targeted campaign against the gaming community exploits Discord channels and fake download sites to distribute types of information-stealing malware. Multiple information stealer families, including BBy Stealer, Nova Sentinel, Doenerium, and Epsilon Stealer, were identified. To counter similar threats, online gamers are urged to download software exclusively from official and trustworthy websites.
Nov 14, 2023NewsroomHardware Security / Virtualization A group of academics has disclosed a new “software fault attack” on AMD’s Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA […]
The cybersecurity landscape is continuously evolving, with threat actors often changing tactics and branding to evade detection and expand their operations. A recent development in this arena involves the Royal ransomware gang. According to a joint advisory from the CISA and the FBI, this group has rebranded itself to BlackSuit. Diving into details The rebranding […]
Key takeaways From July through October 2023, Proofpoint researchers observed TA402 engage in phishing campaigns that delivered a new initial access downloader dubbed IronWind. The downloader was followed by additional stages that consisted of downloaded shellcode. During the same period, TA402 adjusted its delivery methods, moving from using Dropbox links to using XLL and RAR […]