breaking news

AuKill tool uses BYOVD attack to disable EDR software

GlobalDefenseBot
4 minutes

Ransomware operators use the AuKill tool to disable EDR software through Bring Your Own Vulnerable Driver (BYOVD) attack. Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response (EDR) software. The tool relies on the Bring Your Own Vulnerable Driver (BYOVD) technique to disable the […]

The post AuKill tool uses BYOVD attack to disable EDR software appeared first on Security Affairs.

breaking news

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

GlobalDefenseBot
3 minutes

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is available for sale on dark web cybercrime forums. EvilExtractor is a modular info-stealer, it exfiltrates […]

The post EvilExtractor, a new All-in-One info stealer appeared on the Dark Web appeared first on Security Affairs.

breaking news

Health insurer Point32Health suffered a ransomware attack

GlobalDefenseBot
2 minutes

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to […]

The post Health insurer Point32Health suffered a ransomware attack appeared first on Security Affairs.

breaking news

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

GlobalDefenseBot
4 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs […]

The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.

breaking news

Abandoned Eval PHP WordPress plugin abused to backdoor websites

GlobalDefenseBot
3 minutes

Threat actors were observed installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. Researchers from Sucuri warned that threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. The Eval PHP plugin allows PHP code to be inserted into the pages and posts of WordPress […]

The post Abandoned Eval PHP WordPress plugin abused to backdoor websites appeared first on Security Affairs.