IT threat evolution in Q2 2023
Q2 2023 overview: targeted attacks such as Operation Triangulation, CloudWizard and Lazarus activity, Nokoyawa ransomware, and others.
Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A recent internet scan by Fox-IT researchers has revealed over 1,800 backdoored Net…
An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.
In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems.
By Habiba Rashid
Aquasec Investigation Exposes Alarming Rise in Kubernetes Misconfigurations Leading to Catastrophic Breaches.
This is a post from HackRead.com. Read the original post: Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The researchers came across leaked email communication between NPO Mashinostroyeniya…
Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military […]
The post North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya appeared first on Security Affairs.
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda…
Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, …
By Habiba Rashid
At the time of writing, all reported fake repositories have been taken down and the malicious PoC has been removed from GitHub.
This is a post from HackRead.com. Read the original post: Fake GitHub Repos Caught Dropping Malware as PoCs …