A fresh Android banking trojan has emerged to target Brazilian financial institutions with the intention of defrauding them using the PIX payments system. Dubbed PixPirate by the Italian cybersecurity firm Cleafy, it belongs to the most recent generation of Android banking threats that allow a hacker to automatically insert a malicious money transfer over the […]
Sunlogin security holes are being used by a new hacking effort to launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks and distribute the Sliver post-exploitation toolkit. The exploitation of the flaw leads to the installation of Gh0st RAT. However, in some cases, hackers installed XMRig CoinMiner instead of Gh0st RAT.
There did not appear to be any broader fallout from the hacking incident. Nate Fick uses the account sparingly and instead promotes his work through an official State Department account.
CERT-FR was the first to notice and send an alert about the attack. Italy’s National Cybersecurity Agency (ACN) and the Cyber Security Agency of Singapore have also issued warnings for organizations to take immediate action to protect their systems.
Biden’s announcement also included new leadership for NSTAC. Scott Charney, VP for Security Policy at Microsoft, will chair the committee, while Jeffrey Storey, former President and CEO at Lumen Technologies, will serve as vice-chair.
A critical vulnerability affecting wireless communication base stations from Baicells Technologies can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic, according to a researcher.
WithSecure researchers spotted a new campaign, dubbed No Pineapple, by North Korean Lazarus hackers targeting energy and medical research sectors with the Acres RAT. Lazarus gains access to a flawed Zimbra mail server by abusing RCE flaws tracked as CVE-2022-27925 and CVE-2022-37042.
A new hacking campaign exploits Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software.
“This is not believed to be exploitable, and it occurs in the unprivileged pre-auth process that is subject to chroot(2) and is further sandboxed on most major platforms,” OpenSSH disclosed in its release notes on February 2, 2023.
Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines.