Tag

cyber security
A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems. The packages – named colorslib (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version 4.6.12) – by the author between January 7, 2023, and January 12, 2023. They have since been...
Read More
CircleCI, a DevOps platform, discovered that malware installed on a CircleCI engineer’s laptop was used by an unauthorized third party to steal a legitimate, 2FA-backed SSO session. On December 16, 2022, this device was compromised. The company’s antivirus programme was unable to detect the malware. “Our investigation indicates that the malware was able to execute session cookie...
Read More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio’s RTLS Studio, which could be exploited by an attacker to “obtain unauthorized access to the server, alter...
Read More
Customers were notified by NortonLifeLock – Gen Digital that accounts for Norton Password Manager had been successfully breached. They made it clear that the breach was targeted at user accounts rather than the company system. According to the letter given to the Office of the Vermont Attorney General, an unauthorized third party used credential stuffing to carry...
Read More
Digital certificates are electronic credential that binds the identity to the owner of the certificate which can also pair the electronic encryption keys that can be public and private. This mainly uses to encrypt the sign information digitally. The main work for the digital certificate is to make sure the public key content, belongs to...
Read More
A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations. “The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets,” Fortinet researchers said in a post-mortem analysis published this week. The attacks...
Read More
Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them. Discovered by Red Balloon Security, the issues are tracked as CVE-2022-38773 (CVSS score: 4.6), with the low severity stemming from the...
Read More
Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers. Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software before 0.9.8.1147 and was patched by its maintainers on October 25, 2022. Control Web Panel,...
Read More
A new analysis of Raspberry Robin’s attack infrastructure has revealed that it’s possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin (aka QNAP worm), attributed to a threat actor dubbed DEV-0856, is a malware that has increasingly come under the radar for being used in attacks...
Read More
A recent wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player. Gootkit, also called Gootloader, is known to employ search engine optimization (SEO) poisoning tactics (aka spamdexing) for initial access. It typically works by compromising and abusing legitimate infrastructure and seeding those sites with common keywords. Like other...
Read More
1 2 3 4 5 9