May 14, 2024 at 07:15AM Cybersecurity researchers have discovered an ongoing social engineering campaign targeting enterprises with spam emails to gain initial access and exploit their systems. The threat actors overwhelm users with junk emails and phone calls, trick them into installing remote desktop software, and leverage remote access for further malicious activities. Additionally, there … Read more
May 9, 2024 at 05:18AM The 2024 RSA Conference in San Francisco featured numerous product and service announcements. Highlights from the third day include AuditBoard’s InfoSec Solutions enhancements, Cado Security’s forensic investigations in distroless container environments, and CrowdStrike and NinjaOne’s partnership for endpoint protection. CyberSaint, Cyolo, ForAllSecure, Netcraft, OpenText, SentinelOne, and Skyhigh Security also introduced … Read more
April 28, 2024 at 10:52PM Businesses in the 2020s face the challenge of securing digital estates with outdated security concepts, leading to an increasing vulnerability to attackers. This is primarily driven by the exploitation of stolen credentials, phishing, and vulnerabilities. However, SSH Communications Security offers the PrivX Zero Trust Suite to address these issues through … Read more
April 15, 2024 at 07:48AM Authorities in Australia and the US have arrested and indicted two individuals for their involvement in the development and sale of the Hive remote access trojan (RAT), initially known as Firebird. One suspect in Australia was charged with twelve computer offenses, while in the US, Edmond Chakhmakhchyan, also known as … Read more
April 4, 2024 at 05:51PM This year, Ivanti has revealed 11 flaws, some of which are critical, in its remote access products. Based on the meeting notes, Ivanti has disclosed a total of 11 flaws in its remote access products, with many of them being critical. Full Article
April 1, 2024 at 12:30PM The Android banking malware Vultur has been updated, providing operators with greater control over infected devices. New capabilities include remote interaction, file modification, and the ability to bypass lock-screen protections. The malware continues to rely on AlphaVNC and ngrok for remote access, while employing anti-analysis techniques and evading detection. (Words: … Read more
April 1, 2024 at 02:15AM The Android banking trojan Vultur has reappeared with enhanced features and sophisticated tactics to avoid detection, allowing remote manipulation and data harvesting. Distribution involves trojanized apps and a dropper-as-a-service operation. A similar transition was observed with the Octo trojan, offering advanced features and infecting thousands of devices, primarily in specific … Read more
March 29, 2024 at 06:05PM Red Hat has warned about a backdoor in the xz compression library affecting Fedora Linux 40, 41, and Rawhide. The vulnerability, rated 10/10 in severity, provides remote backdoor access and interferes with sshd authentication. Users are advised to stop using Fedora Rawhide instances. Red Hat Enterprise Linux (RHEL) is not … Read more
March 27, 2024 at 07:03AM Researchers warn that threat actors are actively exploiting an unpatched vulnerability in the open-source artificial intelligence platform Anyscale Ray to hijack computing power for illicit cryptocurrency mining, affecting various sectors. The vulnerability, CVE-2023-48022, allows remote attackers to execute arbitrary code, leading to the breach of sensitive data and potential long-term … Read more
March 21, 2024 at 08:31AM RMM software provides IT support teams with tools to administer an entire system remotely, eliminating the need for in-person visits. It allows for remote access, automatic scanning for problems, and fixing issues without physical interaction. Leading RMM software includes NinjaOne, Syncro, Barracuda, N-able N-sight, ManageEngine RMM, and Site24x7 MSP Edition. … Read more