Attackers are also extracting credentials from cloud service providers, marking the first documented instance of Looney Tunables exploitation. The group has a history of quickly adapting its tactics to exploit newly disclosed vulnerabilities.
AsyncRAT is being distributed through a malicious HTML file and uses various file types like PowerShell, WSF, and VBScript to bypass detection. The infection chain begins with a spam email containing a malicious URL to download the HTML file.
DarkGate is a versatile malware that includes features such as keylogging, information stealing, and downloading and executing other payloads. The DarkGate malware has been involved in multiple campaigns and continues to evolve.
The Russia-based criminal reshipping service SWAT USA Drop was hacked, exposing its operations and revealing the involvement of over 1,200 people in reshipping stolen goods purchased with stolen credit cards.
Atlassian has issued a warning to administrators about a critical security flaw in Confluence software. The flaw, known as CVE-2023-22518, allows attackers to exploit improper authorization and potentially destroy data on vulnerable servers.
The integration of Innotec’s technology into Accenture’s framework will enable the company to provide around-the-clock managed services and drive revenue and headcount growth in the Spanish market.
By developing a SketchUp fuzzing harness and using a dumb file format fuzzer, 20 unique vulnerabilities, including use-after-free and stack buffer overflow, were discovered in just one month.
The company failed to adequately protect electronic protected health information, violated HIPAA laws, and lacked sufficient monitoring and policies to prevent and address cyberattacks.
Querétaro Intercontinental Airport in Mexico has experienced a cyberattack, with an employee downloading a file containing malware, but the airport’s operational security was not compromised and the attack has been contained and isolated.
MuddyWater’s tactics have evolved over time, with the group now utilizing a new file-sharing service called Storyblok and a new command-and-control framework called MuddyC2Go.