Recent Security News
-
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
October 12, 2023 at 09:57AM A malicious package named Pathoschild.Stardew.Mod.Build.Config has been found on the NuGet package manager. It delivers a remote access trojan called SeroXen RAT. The package is a typosquat of a legitimate package and has artificially inflated its download count to over 100,000. The profile behind the package has published six other…
-
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
October 12, 2023 at 09:57AM The ShellBot threat actors are using hexadecimal IP addresses to attack Linux SSH servers and deploy DDoS malware. The malware, also known as PerlBot, breaches servers with weak SSH credentials and then stages DDoS attacks and delivers cryptocurrency miners. The use of hexadecimal IP addresses is an attempt to avoid…
-
Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks
October 12, 2023 at 07:39AM Chinese company Yifan’s industrial routers are vulnerable to critical security flaws, according to Cisco’s Talos. Yifan was given 90 days to release patches, but none have been issued. The flaws can allow attackers to execute arbitrary commands, change admin credentials, and access devices with admin privileges. All vulnerabilities can be…
-
CISO Pay Increases Are Slowing – a Look Behind the Figures
October 12, 2023 at 07:39AM CISO compensation levels are growing more slowly than in previous years, according to a survey by IANS Research and Artico Search. The average CISO total compensation increase was 11%, down from 14% the previous year. Additionally, 20% of CISOs did not receive a raise, double the previous year’s figure. The…