Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

September 26, 2024 at 12:06PM Researchers disclosed vulnerabilities in Kia vehicles allowing remote control and access to sensitive information by exploiting the dealership infrastructure. Impacting vehicles made after 2013, attackers could add themselves as “invisible” users, track and send commands to the vehicle discreetly. The flaws were patched by Kia in August 2024 following responsible …

Researcher Says Healthcare Facility’s Doors Hackable for Over a Year

September 25, 2024 at 08:48AM Researcher Shawn Merdinger discovered a serious vulnerability in a US healthcare facility that allows threat actors to hack its building doors. The vulnerability stems from the exposure of the facility’s door access system to the internet and the use of default credentials. The facility has denied the findings, and some …

How $20 and a lapsed domain allowed security pros to undermine internet integrity

September 11, 2024 at 07:07AM During Black Hat, watchTowr Labs researchers discovered vulnerabilities in the WHOIS protocol. They purchased an expired domain to demonstrate its potential misuse. The findings revealed that numerous organizations and government entities were still querying the expired domain, highlighting serious security concerns. The researchers also identified vulnerabilities in TLS/SSL certificate authorities, …

Intel Responds to SGX Hacking Research

September 3, 2024 at 06:51AM Security researcher Mark Ermolov claims to have made progress in hacking Intel’s SGX data protection technology, extracting cryptographic keys. Johns Hopkins University’s Pratyush Ranjan Tiwari highlighted the severity of this breach, affecting older processors widely used in embedded systems. Intel responded, stating the tests were conducted on unmitigated systems with …

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers

August 9, 2024 at 06:39PM Cloud security researchers discovered critical flaws in Amazon Web Services (AWS) that could lead to remote code execution, user takeover, data exposure, and denial of service. The “Bucket Monopoly” issue allows attackers to create covert access to S3 buckets, potentially enabling data theft, privilege escalation, and malicious code execution. AWS …

New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers

August 7, 2024 at 10:57AM A new Linux kernel exploitation technique named SLUBStick has been uncovered, offering the potential to escalate a limited heap vulnerability to an arbitrary memory read-and-write primitive. This method demonstrates the ability to modify kernel data and overcome existing defenses, but it relies on the existence of a heap vulnerability and …

China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms

July 23, 2024 at 03:59PM Evasive Panda, also known as Daggerfly, is a Chinese advanced persistent threat (APT) group that targets telecommunications companies, government agencies, NGOs, universities, and private individuals. It has developed malware for various platforms, including Windows, macOS, Android, Linux, and Solaris, showcasing its ambition and diverse capabilities. The group’s continuous development and …

Malicious npm Packages Found Using Image Files to Hide Backdoor Code

July 16, 2024 at 06:19AM Cybersecurity researchers discovered two malicious packages on the npm registry containing backdoor code for executing commands from a remote server. The packages, disguised as legitimate libraries, were taken down after being downloaded 190 and 48 times. The code was designed to execute disguised command and control functionality hidden in image …

ViperSoftX malware covertly runs PowerShell using AutoIT scripting

July 10, 2024 at 03:23PM ViperSoftX malware utilizes CLR to execute PowerShell within AutoIt scripts, enabling evasion of detection. It is distributed disguised as ebooks on torrent sites, using malicious RAR archives and decoy files. The malware employs various evasion techniques, including base64 obfuscation, AES encryption, and deceptive hostnames, aiming to steal system and cryptocurrency …

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

June 28, 2024 at 08:10AM Security researchers have uncovered details about the 8220 Gang’s cryptocurrency mining operation, exploiting known vulnerabilities in Oracle WebLogic Server. The threat actor uses fileless execution techniques and a multi-stage loading technique, including dropping a miner payload via PowerShell script. Additionally, a new installer tool called k4spreader has been detailed, used …