S3 Ep132: Proof-of-concept lets anyone hack at will
When Doug says, “Happy Remote Code Execution Day, Duck”… it’s irony. For the avoidance of all doubt 🙂
Cybercrime
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The group BlueNoroff is considered a group that operates under the control of the notorious North Korea-linked Lazarus APT group. The […]
The post North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware appeared first on Security Affairs.
AuKill tool uses BYOVD attack to disable EDR software
Ransomware operators use the AuKill tool to disable EDR software through Bring Your Own Vulnerable Driver (BYOVD) attack. Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response (EDR) software. The tool relies on the Bring Your Own Vulnerable Driver (BYOVD) technique to disable the […]
The post AuKill tool uses BYOVD attack to disable EDR software appeared first on Security Affairs.
Organizations are stepping up their game against cyber threats
Global median dwell time drops to just over two weeks, reflecting the essential role partnerships and the exchange of information play in building a more resilient cybersecurity ecosystem, according to Mandiant. Modern cyber defense capabilities The re…
EvilExtractor, a new All-in-One info stealer appeared on the Dark Web
EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is available for sale on dark web cybercrime forums. EvilExtractor is a modular info-stealer, it exfiltrates […]
The post EvilExtractor, a new All-in-One info stealer appeared on the Dark Web appeared first on Security Affairs.
Over 70 billion unprotected files available on unsecured web servers
Critical exposures outside of an organization’s firewall are the greatest source of cybersecurity threats, according to CybelAngel. Across all industries, these vulnerabilities, composed of unprotected or compromised assets, data and credentials, have …
Health insurer Point32Health suffered a ransomware attack
Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to […]
The post Health insurer Point32Health suffered a ransomware attack appeared first on Security Affairs.
Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs […]
The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.
Abandoned Eval PHP WordPress plugin abused to backdoor websites
Threat actors were observed installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. Researchers from Sucuri warned that threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. The Eval PHP plugin allows PHP code to be inserted into the pages and posts of WordPress […]
The post Abandoned Eval PHP WordPress plugin abused to backdoor websites appeared first on Security Affairs.
American Bar Association (ABA) suffered a data breach,1.4 million members impacted
The American Bar Association (ABA) disclosed a data breach, threat actors gained access to older credentials for 1,466,000 members. The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have […]
The post American Bar Association (ABA) suffered a data breach,1.4 million members impacted appeared first on Security Affairs.