SSL/TLS servers or other servers using 2048-bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.
The ransomware attack on PFC appears to be part of a trend where cybercriminals are not targeting healthcare providers directly but are turning on their partner organizations instead.
Solana-based liquidity protocol Crema Finance had more than $8.78 million worth of cryptocurrencies stolen from its platform in an attack over the weekend, developers said in a tweet.
The new ZuoRAT is targeting Small Office/Home Office, or SOHO, routers across North America and Europe, as part of an advanced campaign. An investigation into the case divulged that the trojan can cripple routers from multiple brands, such as ASUS, DrayTek, Cisco, and NETGEAR. For mitigation, organizations should ensure patch-planning for routers and confirm these devices […]
AstraLocker ransomware is shutting down its operations and has released decryptors. The threat actor plans on moving to cryptojacking from extortion schemes. However, some speculate that the group feared some action by global law enforcement. Emsisoft is planning to soon roll out a universal decryptor for AstraLocker ransomware, which is currently in […]
MITRE has released the 2022 CWE most dangerous software bugs list, highlighting that enterprises still face a raft of common weaknesses that must be protected from exploitation. Bugs, which fall under the software weaknesses category, also include flaws, vulnerabilities, and various other errors found extensively in software solutions’ code, architecture, implementation, or design.
Federal agencies have been ordered to patch their Linux servers against PwnKit within three weeks. The most astounding part is that it remained hidden for over 12 years since pkexec’s first release. Successful exploitation of the flaw could induce pkexec to execute arbitrary code. Organizations are recommended to prioritize timely remediation of the issues in order to […]
While we only tested one decryptor that successfully decrypted files locked in one campaign, other decryptors in the archive are likely designed to decrypt files encrypted in previous campaigns.
A new infostealer, named YTStealer, is targeting content creators on YouTube in an attempt to steal their authentication tokens and take over their accounts. The buyers of the compromised accounts typically use these stolen authentication cookies to hijack YouTube channels for various scams or demand a ransom from the actual owners. YouTube creators can consider […]
The recent campaign targets i686 and x86_64 Linux systems. It employs RCE exploits for CVE-2019-2725 (WebLogic) and CVE-2022-26134 (Atlassian Confluence Server and Data Center) for initial access.