Internet Security

Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

April 27, 2023 add comment
Microsoft revealed that recent attacks against PaperCut servers aimed at distributing Cl0p and LockBit ransomware. Microsoft linked the recent attacks against PaperCut servers to a financially motivated threat actor tracked... Read more »

CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance

April 27, 2023 add comment
CyberNews analyzed a classic cryptocurrency romance scam, also known as CryptoRom, explaining how scammers hid the money CryptoRom scammers hid the money with several layers of obfuscation, but the... Read more »

Iranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacks

April 27, 2023 add comment
Iran-linked APT group Charming Kitten employed a new malware dubbed BellaCiao in attacks against victims in the U.S., Europe, the Middle East and India. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines... Read more »

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

April 26, 2023 add comment
China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033. Researchers from Palo Alto Networks Unit 42 recently observed... Read more »

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

April 26, 2023 add comment
German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes.  In March, the interior ministry announced it was conducting an... Read more »

Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks

April 26, 2023 add comment
Apache Superset open-source data visualization platform is affected by an insecure default configuration that could lead to remote code execution. Apache Superset is an open-source data visualization and data exploration... Read more »

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

April 26, 2023 add comment
Pro-Russia hacking group Zarya caused a cybersecurity incident at a Canadian gas pipeline, the critical infrastructure sector is on alert. A Canadian gas pipeline suffered a cyber security incident,... Read more »

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

April 25, 2023 add comment
A flaw in the Service Location Protocol (SLP), tracked as CVE-2023-29552, can allow to carry out powerful DDoS attacks. A high-severity security vulnerability (CVE-2023-29552, CVSS score: 8.6) impacting the... Read more »

VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023

April 25, 2023 add comment
VMware addressed zero-day flaws that can be chained to achieve arbitrary code execution on Workstation and Fusion software hypervisors. VMware released security updates to address two zero-day vulnerabilities (CVE-2023-20869,... Read more »

A new Mirai botnet variant targets TP-Link Archer A21

April 25, 2023 add comment
Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet... Read more »
Subscribe to our Newsletter