Research From Claroty’s Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets

May 24, 2024 at 02:16PM Claroty, a cyber-physical systems (CPS) protection company, has released proprietary data revealing security risks in mission-critical operational technology (OT) assets due to insecure internet connections and known vulnerabilities. To address this, they launched the Claroty xDome Secure Access, which balances secure control and frictionless access for enhanced productivity and reduced …

Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls

May 14, 2024 at 07:15AM Cybersecurity researchers have discovered an ongoing social engineering campaign targeting enterprises with spam emails to gain initial access and exploit their systems. The threat actors overwhelm users with junk emails and phone calls, trick them into installing remote desktop software, and leverage remote access for further malicious activities. Additionally, there …

RSA Conference 2024 – Announcements Summary (Day 3)

May 9, 2024 at 05:18AM The 2024 RSA Conference in San Francisco featured numerous product and service announcements. Highlights from the third day include AuditBoard’s InfoSec Solutions enhancements, Cado Security’s forensic investigations in distroless container environments, and CrowdStrike and NinjaOne’s partnership for endpoint protection. CyberSaint, Cyolo, ForAllSecure, Netcraft, OpenText, SentinelOne, and Skyhigh Security also introduced …

The next step up for high-impact identity authorization

April 28, 2024 at 10:52PM Businesses in the 2020s face the challenge of securing digital estates with outdated security concepts, leading to an increasing vulnerability to attackers. This is primarily driven by the exploitation of stolen credentials, phishing, and vulnerabilities. However, SSH Communications Security offers the PrivX Zero Trust Suite to address these issues through …

Two People Arrested in Australia and US for Development and Sale of Hive RAT

April 15, 2024 at 07:48AM Authorities in Australia and the US have arrested and indicted two individuals for their involvement in the development and sale of the Hive remote access trojan (RAT), initially known as Firebird. One suspect in Australia was charged with twelve computer offenses, while in the US, Edmond Chakhmakhchyan, also known as …

Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed

April 4, 2024 at 05:51PM This year, Ivanti has disclosed a total of 11 flaws in its remote access products, many of them critical.

‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities

April 1, 2024 at 12:30PM The Android banking malware Vultur has been updated, providing operators with greater control over infected devices. New capabilities include remote interaction, file modification, and the ability to bypass lock-screen protections. The malware continues to rely on AlphaVNC and ngrok for remote access, while employing anti-analysis techniques and evading detection.

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

April 1, 2024 at 02:15AM The Android banking trojan Vultur has reappeared with enhanced features and sophisticated tactics to avoid detection, allowing remote manipulation and data harvesting. Distribution involves trojanized apps and a dropper-as-a-service operation. A similar transition was observed with the Octo trojan, offering advanced features and infecting thousands of devices, primarily in specific …

Malicious backdoor sneaks into xz, Linux world’s data compression library and tool

March 29, 2024 at 06:05PM Red Hat has warned about a backdoor in the xz compression library affecting Fedora Linux 40, 41, and Rawhide. The vulnerability, rated 10/10 in severity, provides remote backdoor access and interferes with sshd authentication. Users are advised to stop using Fedora Rawhide instances. Red Hat Enterprise Linux (RHEL) is not …

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

March 27, 2024 at 07:03AM Researchers warn that threat actors are actively exploiting an unpatched vulnerability in the open-source artificial intelligence platform Anyscale Ray to hijack computing power for illicit cryptocurrency mining, affecting various sectors. The vulnerability, CVE-2023-48022, allows remote attackers to execute arbitrary code, leading to the breach of sensitive data and potential long-term …