Cybersecurity
Category Added in a WPeMatico Campaign
Chatbots are surging in popularity, with ChatGPT notably reaching a staggering 180.5 million unique visitors in August 2023. These bots are revolutionizing numerous industries, ranging from healthcare and travel to content creation and sales, offering businesses a more efficient way to engage with customers and cut labor costs. AI-powered service desks, for instance, streamline customer […]
Today, VulnCheck vulnerability researcher Jacob Baines released another PoC exploit that only utilizes CVE-2023-36845, bypassing the need to upload files while still achieving remote code execution.
Sep 19, 2023THNNetwork Security / Exploit New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an “unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without […]
Executive Summary Turla (aka Pensive Ursa, Uroburos, Snake) is a Russian-based threat group operating since at least 2004, which is linked to the Russian Federal Security Service (FSB). In this article, we will cover the top 10 most recently active types of malware in Pensive Ursa’s arsenal: Capibar, Kazuar, Snake, Kopiluwak, QUIETCANARY/Tunnus, Crutch, ComRAT, Carbon, […]
The deployment of file-encrypting ransomware by organized cybercriminal gangs is one of the largest cybersecurity risks facing organizations. A network breach that culminates with a ransomware infection often starts with an infection with a type of malware called a loader. This malware acts as a foothold into an organization’s network and is subsequently used to […]
Executive Summary SentinelLabs identified three Android application packages (APK) linked to Transparent Tribe’s CapraRAT mobile remote access trojan (RAT). These apps mimic the appearance of YouTube, though they are less fully featured than the legitimate native Android YouTube application. CapraRAT is a highly invasive tool that gives the attacker control over much of the data […]
Sep 19, 2023THNMobile Security / Malware The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity. “CapraRAT is a highly invasive tool that gives the attacker control over much of the data on […]
Sep 19, 2023THNData Safety / Cybersecurity Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company’s AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source […]
North Korea’s Lazarus APT stole almost $240 million in crypto assets since June Pierluigi Paganini September 18, 2023 The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. According to a report published by blockchain cyber security firm Elliptic, in the past 104 days, the […]