The zero-day bug fixed (tracked as CVE-2022-1096) is a high severity type confusion weakness in the Chrome V8 JavaScript engine reported by an anonymous security researcher.
Volexity discovered a newly discovered macOS variant of Gimmick, a malware implant developed by a Chinese group tracked as Storm Cloud. It is targeting organizations across Asia. The samples of the GIMMICK malware are large and complex, which suggests the threat actor behind it seems to be well resourced. Moreover, there is the possibility that […]
These shortcomings meant it was possible for attackers to upload an XSS payload, providing it contained a file whose name ended with ‘html’ – a category that includes far more than just simple .html files.
At least 30 vulnerabilities were found in the past year in the DIAEnergie industrial energy management system made by Delta Electronics. The company says it has created patches for all of them.
The infamou hacker collective claims to have compromised the systems of the Central Bank of Russia and stolen 35,000 files, it announced that it will leak the files in 48 hours.
The number of complaints received by the FBI IC3 in 2021 (847,376) has surpassed that of complaints in 2020 (791,790), and the total monetary loss suffered by victims ($6.9 Billion) has far outstripped losses suffered in 2020 ($4.2 Billion).
The Lapsus$ group, also tracked as DEV-0537, deploys the RedLine password stealer to get access to session tokens and passwords. It buys session tokens and credentials from underground forums. These credentials are used to access VPN, RDP, and VDI systems.
According to Trustwave, the email campaign distributing Vidar is not very sophisticated. The email contains a generic subject line and an attachment, “request.doc,” which is actually a .iso disk image.
A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation’s (FBI) Cyber Most Wanted List for his alleged role as the administrator of Marketplace A.
DoubleZero wipe files use two techniques, overwriting their content with zero blocks of 4096 bytes (using FileStream.Write) or using API-calls NtFileOpen, NtFsControlFile (code: FSCTL_SET_ZERO_DATA).