Hacking News

New PowerExchange Backdoor linked to an Iranian APT group

An alleged Iran-linked APT group targeted an organization linked to the United Arab Emirates (U.A.E.) with the new PowerExchange backdoor. Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The experts speculate that the backdoor is likely linked to an […]

The post New PowerExchange Backdoor linked to an Iranian APT group appeared first on Security Affairs.

May 27, 2023
0 comment
Read More >>

Dark Frost Botnet targets the gaming sector with powerful DDoS

Researchers spotted a new botnet dubbed Dark Frost that is used to launch distributed denial-of-service (DDoS) attacks against the gaming industry. Researchers from Akamai discovered a new botnet called Dark Frost that was employed in distributed denial-of-service (DDoS) attacks. The botnet borrows code from several popular bot families, including Mirai, Gafgyt, and Qbot. The Dark Frost botnet was […]

The post Dark Frost Botnet targets the gaming sector with powerful DDoS appeared first on Security Affairs.

May 26, 2023
0 comment
Read More >>

New CosmicEnergy ICS malware threatens energy grid assets

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS).  Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. The malicious code was first uploaded to a public malware scanning service in December 2021 by […]

The post New CosmicEnergy ICS malware threatens energy grid assets appeared first on Security Affairs.

May 26, 2023
0 comment
Read More >>

D-Link fixes two critical flaws in D-View 8 network management suite

D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary code execution. D-Link has addressed two critical vulnerabilities (CVSS score: 9.8) in its D-View 8 network management suite that could be exploited by remote attackers to bypass authentication and execute arbitrary code. The D-View network […]

The post D-Link fixes two critical flaws in D-View 8 network management suite appeared first on Security Affairs.

May 26, 2023
0 comment
Read More >>

Zyxel firewall and VPN devices affected by critical flaws

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, that affect several of its firewall and VPN products. A remote, unauthenticated attacker can can trigger the flaws to cause a denial-of-service (DoS) […]

The post Zyxel firewall and VPN devices affected by critical flaws appeared first on Security Affairs.

May 25, 2023
0 comment
Read More >>

North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware

North Korea-linked APT group Lazarus actor has been targeting vulnerable Microsoft IIS servers to deploy malware. AhnLab Security Emergency response Center (ASEC) researchers reported that the Lazarus APT Group is targeting vulnerable versions of Microsoft IIS servers in a recent wave of malware-based attacks. Once discovered a vulnerable ISS server, the attackers leverage the DLL side-loading […]

The post North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware appeared first on Security Affairs.

May 25, 2023
0 comment
Read More >>

Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. ClearSky Cyber Security uncovered a watering hole attack on at least eight Israeli websites belonging to shipping, logistics, and financial services companies and attributed them with low confidence to the Iran-linked APT group Tortoiseshell (aka TA456 or Imperial […]

The post Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites appeared first on Security Affairs.

May 25, 2023
0 comment
Read More >>

Barracuda Email Security Gateway (ESG) hacked via zero-day bug

Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were breached exploiting a zero-day vulnerability. Network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability. The vulnerability, tracked as CVE-2023-2868, resides in the module for […]

The post Barracuda Email Security Gateway (ESG) hacked via zero-day bug appeared first on Security Affairs.

May 24, 2023
0 comment
Read More >>

Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063

The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a cyberespionage campaign targeting state bodies in the country. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign conducted by a threat actor tracked as UAC-0063. The nation-state actor […]

The post Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063 appeared first on Security Affairs.

May 24, 2023
0 comment
Read More >>

AhRat Android RAT was concealed in iRecorder app in Google Play

ESET found a new remote access trojan (RAT), dubbed AhRat, on the Google Play Store that was concealed in an Android screen recording app. ESET researchers have discovered an Android app on Google Play that was hiding a new remote access trojan (RAT) dubbed AhRat. The app, named iRecorder – Screen Recorder, has more than […]

The post AhRat Android RAT was concealed in iRecorder app in Google Play appeared first on Security Affairs.

May 24, 2023
0 comment
Read More >>