Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection

October 24, 2023 at 05:45AM
The threat actor behind the recent Cisco device backdoor attack has modified the implant to avoid detection through previous fingerprinting methods. The attacks exploit zero-day vulnerabilities, allowing the actor to gain access to devices and deploy a Lua-based implant. Cisco is rolling out security updates, but the exact identity of …

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

October 20, 2023 at 05:57AM
ExelaStealer, a new information stealer, has emerged in the crowded world of off-the-shelf malware. It is an open-source infostealer with customizable features, capable of stealing various types of sensitive data from compromised Windows systems. ExelaStealer is sold on cybercrime forums and a dedicated Telegram channel for as low as $20 …

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

October 19, 2023 at 12:33AM
State-backed threat actors from Russia and China are exploiting a security flaw in the WinRAR archiver tool for Windows. The vulnerability (CVE-2023-38831) allows attackers to execute code when a user tries to view a benign file in a ZIP archive. The attackers include FROZENBARENTS (Sandworm), FROZENLAKE (APT28), and ISLANDDREAMS (APT40). …

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

October 17, 2023 at 10:51AM
Two critical security flaws have been discovered in the CasaOS personal cloud software. These vulnerabilities allow attackers to bypass authentication and gain full access to the CasaOS dashboard. Additionally, attackers can exploit third-party applications to execute arbitrary commands on the system and gain persistent access. The flaws have been addressed …

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

October 13, 2023 at 07:06AM
DarkGate, a piece of malware, is being spread through instant messaging platforms like Skype and Microsoft Teams. The malware is delivered disguised as a PDF document and triggers the download and execution of an AutoIt script that launches the malware. The malware can harvest sensitive data, conduct cryptocurrency mining, and …