BianLian group exploits JetBrains TeamCity bugs in ransomware attacks Pierluigi Paganini March 11, 2024 BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by […]
Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO Ransomware The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. By: Nathaniel Morales, Katherine Casona, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Maristel Policarpio, Jacob Santos March 04, 2024 Read time: ( words) The RA World […]
Tomer Nahum and Eric Woodruff Key findings Golden SAML, an attack technique that exploits the SAML single sign-on protocol, was used as a post-breach exploit, compounding the devastating SolarWinds attack of 2020—one of the largest breaches of the 21st century. The supply chain SolarWinds attack affected thousands of organizations around the world, including the U.S. […]
Feb 09, 2024NewsroomMalware / Dark Web The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that “Raspberry Robin has access to an exploit seller or its authors develop the […]
The group’s access to exploits for vulnerabilities, such as CVE-2023-36802 and CVE-2023-29360, suggests ties to sophisticated developers and the purchase of external 64-bit executables rather than in-house development.
Jan 12, 2024NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the attacker’s use of packers and rootkits to conceal the malware,” Aqua security researchers Nitzan Yaakov and Assaf Morag said in […]
The attack exploits weaknesses in the SSH transport layer protocol and encryption modes used by a majority of current implementations, making it a significant concern for the cybersecurity community.
The SLAM attack exploits hardware features in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from kernel memory, highlighting potential security vulnerabilities.
Considering the widespread use of the well-established wireless communication standard and the versions impacted by the exploits, BLUFFS could work against billions of devices, including laptops, smartphones, and other mobile devices.
- 1
- 2