In addition to targeting researchers with 0-day exploits, the threat actors also developed a standalone Windows tool that has the stated goal of ‘download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers.’ The source code for this tool was first published on GitHub on September 30, 2022, with several updates […]
Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within Domain Name System (DNS) traffic data. This discovery reveals how malicious actors are adapting their tactics to prolong the life of their command-and-control (C2) communication channels, safeguarding their botnets. From a technical standpoint, DGAs come […]
Security researchers have discovered what they described as a critical vulnerability in the relatively widely used PHPFusion open source content management system (CMS). The authenticated local file inclusion flaw, identified as CVE-2023-2453, allows for remote code execution if an attacker can upload a maliciously crafted “.php” file to a known path on a target system. […]
Researchers from Security Joes have identified an unknown threat actor exploiting vulnerabilities in the MinIO Object Storage system to remotely execute arbitrary code on vulnerable servers. Researchers discovered the exploit code Evil_MinIO, abusing CVE-2023-28434 and CVE-2023-28432 vulnerabilities, on a GitHub repository. MinIO is a high-performance and distributed object storage system used by various organizations. Attack […]