Malware & Threats

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

21/08/2023 at 22:31, by Ryan Naraine. A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations. First appeared on SecurityWeek.

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

21/08/2023 at 17:18, by Ionut Arghire. Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. First appeared on SecurityWeek.

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

18/08/2023 at 16:46, by Ionut Arghire. The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs. First appeared on SecurityWeek.

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

17/08/2023 at 19:02, by Kevin Townsend. A new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable enterprise software.

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

17/08/2023 at 16:18, by Ionut Arghire. Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. First appeared on SecurityWeek.

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

15/08/2023 at 19:47, by Ionut Arghire. A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor. First appeared on SecurityWeek.

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

15/08/2023 at 16:31, by Ionut Arghire. Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers. First appeared on SecurityWeek.

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

11/08/2023 at 17:18, by SecurityWeek News. Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7, 2023.

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

04/08/2023 at 17:03, by Ionut Arghire. Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems. First appeared on SecurityWeek.

New hVNC macOS Malware Advertised on Hacker Forum

02/08/2023 at 18:03, by Ionut Arghire. A new macOS-targeting hVNC malware family is being advertised on a prominent cybercrime forum. First appeared on SecurityWeek.

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

02/08/2023 at 09:31, by Eduard Kovacs. The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023.

CISA Analyzes Malware Used in Barracuda ESG Attacks

31/07/2023 at 13:31, by Ionut Arghire. CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability. First appeared on SecurityWeek.

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

31/07/2023 at 13:31, by Eduard Kovacs. Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks. First appeared on SecurityWeek.

Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins

28/07/2023 at 17:47, by Ionut Arghire. The first attempts to exploit CVE-2023-24489, a recent critical Citrix ShareFile remote code execution vulnerability, have been observed. First appeared on SecurityWeek.

In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

21/07/2023 at 18:03, by Eduard Kovacs. Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17, 2023.

Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability

20/07/2023 at 21:18, by Ionut Arghire. Multiple DDoS botnets have been observed targeting CVE-2023-28771, a Zyxel firewall vulnerability patched in April. First appeared on SecurityWeek.

Two Jira Plugin Vulnerabilities in Attacker Crosshairs

19/07/2023 at 16:52, by Ionut Arghire. Attackers are exploiting two path traversal vulnerabilities in the Stagil navigation for Jira – Menus & Themes plugin. First appeared on SecurityWeek.

US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa

19/07/2023 at 02:02, by Ryan Naraine. The two foreign companies are being sanctioned “for trafficking in cyber exploits used to gain access to information systems.” First appeared on SecurityWeek.

WordPress Sites Hacked via Critical Vulnerability in WooCommerce Payments Plugin

18/07/2023 at 16:48, by Ionut Arghire. Attackers have started exploiting CVE-2023-28121, a recent critical vulnerability in the WooCommerce Payments WordPress plugin. First appeared on SecurityWeek.

Netcraft Raises $100M, Hires New CEO for Global Expansion

18/07/2023 at 14:19, by Ryan Naraine. The British company secures $100 million in funding and announces the hiring of a new chief executive to pursue global expansion plans. First appeared on SecurityWeek.
