A stealthy Linux malware, dubbed AVrecon, was found targeting more than 70,000 Linux-based SOHO routers at least since May 2021. It reportedly hijacked these devices to form a botnet that could steal bandwidth and provide a hidden residential proxy service. A total of 15 second-stage control servers were discovered by security researchers. It has marked […]
The fact that WormGPT operates without any ethical boundaries underscores the threat posed by generative AI, even permitting novice cybercriminals to launch attacks swiftly and at scale without having the technical wherewithal to do so.
Mandiant experts have observed a significant rise in malware attacks aimed at stealing sensitive information through the use of USB drives. The attacks targeted a variety of industries including those in construction, engineering, government, manufacturing, retail, media, and pharmaceutical. Organizations are urged to prioritize access restrictions on USB devices or conduct thorough scans for malicious […]
An unreported .NET loader referred to as CustomerLoader is being distributed through deceptive phishing emails, YouTube videos, and web pages that mimicked genuine websites. This loader possesses the capability to retrieve, decrypt, and execute additional payloads.
Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks.
Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently orbiting the Earth from an IT perspective.
A group of congressional Democrats reported that three large tax preparation firms sent “extraordinarily sensitive” information on tens of millions of taxpayers to Facebook parent company Meta over the course of at least two years.
“The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications,” Aqua security researchers said.
A majority of the infections are located in the U.K. and the U.S., followed by Argentina, Nigeria, Brazil, Italy, Bangladesh, Vietnam, India, Russia, and South Africa, among others.
It was discovered that AIOS version 5.1.9 writes plaintext passwords from login attempts to the database, which essentially provides any privileged user with access to the login credentials of all other administrator users.