Windows

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676)

Akamai, Don't miss, Hot stuff, Kubernetes, News, security update, vulnerability, Windows /

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) 18/09/2023 at 14:32 By Helga Labus Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, discovered by Akamai researcher Tomer Peled, is a command injection vulnerability that […]

React to this headline:

Loading spinner

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) Read More »

LockBit leaks sensitive data from maximum security fence manufacturer

critical infrastructure, data breach, Data leak, Don't miss, Hot stuff, legacy technology, News, UK, Windows /

LockBit leaks sensitive data from maximum security fence manufacturer 05/09/2023 at 17:32 By Helga Labus The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company

React to this headline:

Loading spinner

LockBit leaks sensitive data from maximum security fence manufacturer Read More »

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

0-day, cybercrime, Don't miss, Group-IB, Hot stuff, News, security update, Windows, WinRAR /

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) 23/08/2023 at 18:46 By Zeljka Zorz Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware

React to this headline:

Loading spinner

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) Read More »

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

Don't miss, Hot stuff, News, security update, Trend Micro, vulnerability, Windows, WinRAR /

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) 21/08/2023 at 14:47 By Helga Labus RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP, CAB, ARJ, LZH, TAR, GZip,

React to this headline:

Loading spinner

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477) Read More »

Stremio vulnerability exposes millions to RCE and data theft

CyFox, data theft, Don't miss, exploit, hijacking, News, vulnerability, Windows /

Stremio vulnerability exposes millions to RCE and data theft 31/07/2023 at 11:02 By Help Net Security CyFox has recently identified a critical hijacking vulnerability in Stremio 4.4, a popular software platform for streaming movies and TV shows. With over 5 million users relying on Stremio for their entertainment needs, this vulnerability poses a significant risk

React to this headline:

Loading spinner

Stremio vulnerability exposes millions to RCE and data theft Read More »

Trojanized Application Preying on TeamViewer Users

Malware, Microsoft, njRAT, Remote Access Trojan, TeamViewer, trojan, Windows /

Trojanized Application Preying on TeamViewer Users 13/07/2023 at 14:32 By cybleinc Cyble Research & Intelligence Labs analyzes a trojanized version of the TeamViewer application and how it distributes njRAT. The post Trojanized Application Preying on TeamViewer Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Trojanized Application Preying on TeamViewer Users Read More »

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

0-day, BlackBerry, Cisco, cyber espionage, cybercrime, Don't miss, drivers, Google, Hot stuff, Microsoft, MS Office, News, Ransomware, rootkits, security update, Tenable, Trend Micro, Volexity, vulnerability, Windows /

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) 11/07/2023 at 22:31 By Zeljka Zorz For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks

React to this headline:

Loading spinner

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884) Read More »

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels

ARCrypt, ChileLocker, Go, Linux, Ransomware, Windows /

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels 06/07/2023 at 19:01 By cybleinc CRIL analyses an updated version of ARCrypt ransomware and an unconventional communication method attackers use. The post ARCrypt Ransomware Evolves with Multiple TOR Communication Channels appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

ARCrypt Ransomware Evolves with Multiple TOR Communication Channels Read More »

Unveiling Wagner Group’s Cyber-Recruitment

Bakhmut, Crimea, data breach, Defense Minister, Donbas, Luhansk, Malware, Minister of Defence of Russia, PMC Wagner, prigozhin, Ransomware, Russia, Russia-Ukraine conflict, Russian Army, Russian Defense Minister, Shoigu, Telegram, Threat Intelligence, Vladimir Putin, Volodymyr Oleksandrovych Zelenskyy, Windows, Yevgeny Viktorovich Prigozhin, Zelensky /

Unveiling Wagner Group’s Cyber-Recruitment 27/06/2023 at 15:18 By cybleinc Cyble analyzes Wagner Ransomware, a ransomware variant promoting recruitment into PMC Wagner amidst ongoing Russian internal conflict. The post Unveiling Wagner Group’s Cyber-Recruitment appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Unveiling Wagner Group’s Cyber-Recruitment Read More »

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Cisco, Don't miss, exploit, Hot stuff, News, PoC, security update, vulnerability, Windows /

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) 23/06/2023 at 17:19 By Helga Labus Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published. About the vulnerability Cisco Secure Client Software – previously known as

React to this headline:

Loading spinner

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178) Read More »

Trojanized Super Mario Game Installer Spreads SupremeBot Malware

Armory, AtomicWallet, Bitcoin, Brave, Bytecoin, Chrome, Chromium, Coinomi, Comodo, crypto mining, Cryptocurrency, Cryptominer, cybercrime, Discord, Edge, Electrum, Enlisted, EpicPrivacy, Ethereum, Gamers, Gaming, GitHub, Guarda, GUI, HTTP Service, Iridium, Jaxx, Malware, Mario movie, Monero, NSIS Installer, Opera, Slimjet, Super Mario Bros, Super Mario Forever, super-mario-forever-v702e, SupremeBot, Threat Intelligence, trojan, Umbral Stealer, Ur, Vivaldi, Windows, XMR, XMR Miner, Yandex, Zcash /

Trojanized Super Mario Game Installer Spreads SupremeBot Malware 23/06/2023 at 15:24 By cybleinc Cyble analyzes SupremeBot, a crypto-mining client leveraging a trojanized Super Mario game installer to spread Umbral stealer malware. The post Trojanized Super Mario Game Installer Spreads SupremeBot Malware appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Trojanized Super Mario Game Installer Spreads SupremeBot Malware Read More »

Malicious Tools in the Underground: Investigating their Propagation

AES, apple, Atomic, Binance, C, Chrome, Chromium, Coinbase, Coinomi, Cryptocurrency, darkweb, DDoS, Delphi, DMG, Exodus, Keplr, Keylogging, Linux, LummaC2 Stealer, MaaS, macOS, Malware, Martian, Meduza, MetaMask, Mozilla, Phantom, PKG, RaaS, RSA, Russian, SaaS, ShadowVault, Telegram, Threat Intelligence, Trigona, Tron Link, Trust, Windows /

Malicious Tools in the Underground: Investigating their Propagation 16/06/2023 at 19:04 By cybleinc Cyble Research & Intelligence Labs investigates the recent promulgation of Malicious Tools in underground forums. The post Malicious Tools in the Underground: Investigating their Propagation appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this

React to this headline:

Loading spinner

Malicious Tools in the Underground: Investigating their Propagation Read More »

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

Automox, Don't miss, Hot stuff, Microsoft Exchange, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows /

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange 13/06/2023 at 21:48 By Zeljka Zorz For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly known before today! Microsoft has previously fixed CVE-2023-3079, a type confusion

React to this headline:

Loading spinner

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange Read More »

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator

Crypter Ransomware, cybercrime, Darkflow Software, data breach, Data leak, Discord, Encryption, Enlisted, Gaijin Entertainment, GitHub, GitLab, GUI, JSON, Malware, Mutex, phishing, Python, Ransomware, Russia, Threat Intelligence, WannaCry 3.0, WannaCry 3.0 Crypter, Windows /

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator 13/06/2023 at 19:21 By cybleinc CRIL analyzes WannaCry-Imitator Ransomware, a phishing gaming site targeting the Russian Gaming community The post Threat Actor Targets Russian Gaming Community With WannaCry-Imitator appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator Read More »

Unmasking the Darkrace Ransomware Gang

cybercrime, cybersecurity, Darkrace, Darkrace Ransomware, darkweb, Data leak, Double extortion, Lockbit 3.0, LockBit Ransomware, Malware, Mutex, Ransomware, Threat Actors, Threat Intelligence, Windows /

Unmasking the Darkrace Ransomware Gang 08/06/2023 at 15:02 By cybleinc New Ransomware Holds Similarities with LockBit Ransomware Ransomware continues to pose the most critical cybersecurity threat to organizations’ infrastructure. This malicious software encrypts victims’ files and extorts payment in return for the decryption key. The consequences of ransomware attacks can be severe, including financial losses,

React to this headline:

Loading spinner

Unmasking the Darkrace Ransomware Gang Read More »

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security

Endpoint Security, Security Architecture, SMB, Windows /

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security 05/06/2023 at 16:47 By Ionut Arghire Microsoft is making SMB signing a default requirement in Windows 11 Enterprise editions, starting with insider preview build 25381. The post Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security appeared first on SecurityWeek.

React to this headline:

Loading spinner

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security Read More »

Qakbot: The trojan that just won’t go away

Don't miss, Hot stuff, Lumen, Malware, Microsoft, News, phishing, Ransomware, trojan, Windows /

Qakbot: The trojan that just won’t go away 02/06/2023 at 11:33 By Helga Labus Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending adaptability of this threat is key to its long-term survival and success. “Qakbot operators tend to reduce or

React to this headline:

Loading spinner

Qakbot: The trojan that just won’t go away Read More »

‘NoEscape’ Ransomware-as-a-Service (RaaS)

C, ChaCha20, CIS, Commonwealth of Independent States, cybercrime, darkweb, data breach, Data leak, Malware, NoEscape, RaaS, Ransomware, Ransomware Affiliate, Russia, Safe Mode, Server Message Block, Threat Intelligence, Triple-Extortion, Windows, Windows NT 10.0 /

‘NoEscape’ Ransomware-as-a-Service (RaaS) 01/06/2023 at 18:32 By cybleinc CRIL analyzes the newly advertised ‘NoEscape’ Ransomware-as-a-Service (RaaS) program that claims to facilitate sophisticated extortion operations using an advanced, indigenously developed ransomware strain. The post ‘NoEscape’ Ransomware-as-a-Service (RaaS) appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

‘NoEscape’ Ransomware-as-a-Service (RaaS) Read More »

New Buhti ransomware uses leaked payloads and public exploits

cybercrime, Don't miss, Hot stuff, Linux, Malware, News, Ransomware, Symantec, Windows /

New Buhti ransomware uses leaked payloads and public exploits 26/05/2023 at 08:09 By Helga Labus A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of public exploits One notable aspect of the attackers leveraging the Buhti ransomware is their

React to this headline:

Loading spinner

New Buhti ransomware uses leaked payloads and public exploits Read More »

Scroll to Top