Tag: Cybersecurity

GuptiMiner Use eScan to Spread Miners and Backdoors

GuptiMiner hijacks eScan antivirus updates to deploy backdoors and mine cryptocurrency.

A recent report by Avast researchers identified an old-timer malware called GuptiMiner. It uses the eScan antivirus update mechanism to stealthily inject backdoors and cryptocurrency mining programs into users’ computer systems and large corporate networks. This is further evidence that cybercriminals are adapting their techniques to bypass modern security measures. Let’s look at the situation.… Continue reading GuptiMiner Use eScan to Spread Miners and Backdoors

Infostealers Made With Electron On The Rise

Hackers use an unusual framework and packing method to create and spread malware

AhnLab Security Intelligence Center (ASEC) has identified a new strain of Infostealer malware created using the Electron framework. These apps are packaged in NSIS installer format, which the attacker used for the malware. Distribution of Infostealer Made With Electron ASEC has discovered a new malware strain with some unusual properties. It uses Electron, a popular… Continue reading Infostealers Made With Electron On The Rise

GitHub and GitLab CDNs Abused to Spread Malware

Threat actors found a new approach of spreading malware through benign repositories

Recent research around new spreading approaches of one stealer malware family revealed a new way to abuse GitHub. Instead of creating repositories that contain malware files, hackers push the files they need through the issue reporting mechanism in the repository menu. This allows for making malware look like a file from a legit repo, bypassing… Continue reading GitHub and GitLab CDNs Abused to Spread Malware

MITRE NERVE Hacked, Service Taken Offline

Even the most ready organizations are not immune to cyberattacks

MITRE reports about hacker activity in their NERVE network, spotted in April 2024. Upon detecting the suspicious activity, the organization put the affected service offline and started the investigation. The alleged way of hackers getting into the network is through the use of Ivanti VPN vulnerabilities. MITRE Reports About NERVE Being Hacked MITRE, known to… Continue reading MITRE NERVE Hacked, Service Taken Offline

Cisco Talos Warns of a Massive Brute Force Wave

Attacks were opportunistic, the threat was escalating, and enhanced security measures were needed to protect accounts.

The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have recorded countless login attempts to gain unauthorized access to web infrastructure, particularly SSH servers, VPN clients and web applications. This is alarming and frightening for both big companies and home users. Cisco Reports Massive Brute… Continue reading Cisco Talos Warns of a Massive Brute Force Wave

Critical LG TV Vulnerabilities Allow for Command Execution

LG TV users are advised to update the software to the latest version due to the 4 critical security flaws

LG reports fixing four critical vulnerabilities discovered in many of its TVs. These vulnerabilities were found back in 2023, and could allow malicious actors to gain control of affected LG TVs. Good news – the attacker should connect to the same network to exploit the flaw. Bad news – they can continue using the device… Continue reading Critical LG TV Vulnerabilities Allow for Command Execution

Progress Flowmon Command Injection Flaw Discovered

Progress uncovers critical flaw in Flowmon that allows for arbitrary command execution

Progress Flowmon, a popular network monitoring software solution, appears to be vulnerable to arbitrary command injection. Successful exploitation of the flaw can grant adversaries with full access to the network infrastructure, leading to catastrophic consequences. The developer already released the fix and insists on its urgent installation. Flowmon Command Injection Flaw Threatens Network Security The… Continue reading Progress Flowmon Command Injection Flaw Discovered

UnitedHealth Hack Leaks 6 TB of User Data

The BlackCat group hacked into UnitedHealth, stealing massive amounts of data.

UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a cyberattack with the following data breach. The company admitted that the personal data of millions of patients was “stolen” in a cyberattack. This incident is already being called one of the largest in healthcare history.… Continue reading UnitedHealth Hack Leaks 6 TB of User Data

Microsoft SharePoint Vulnerability Exploited, Update Now

A critical vulnerability in Microsoft SharePoint is now under active exploitation

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now

ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

Researchers noticed that a vulnerability in question is actively exploited

Recent review of vulnerabilities in the Ray framework uncovered the unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine learning clusters were already compromised, leading to the leak of ML assets. Researchers trace the first attack that used this vulnerability to September 2023, meaning that the vulnerability already circulates for over half a year.… Continue reading ShadowRay Vulnerability Threatens AI Workloads, No Patch Available