Follina

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

May 12, 2023 by iHash Leave a Comment

May 12, 2023Ravie LakshmananCyber Threat / Malware Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare … [Read more...] about XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Jul 9, 2022 by iHash Leave a Comment

A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. "Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortinet FortiGuard Labs researcher Cara Lin said in a report this week. Tracked as … [Read more...] about Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Follina (CVE-2022-30190): a vulnerability in MSDT

Jun 1, 2022 by iHash Leave a Comment

Researchers have discovered another serious vulnerability in Microsoft products that potentially allows attackers to execute arbitrary code. MITRE designated this vulnerability as CVE-2022-30190, while researchers somewhat poetically named it Follina. The most disturbing thing is that there’s no fix for this bug yet. What’s even worse, the vulnerability is already being … [Read more...] about Follina (CVE-2022-30190): a vulnerability in MSDT

Solar Group Eliminates Complexity and Speeds Response Time

Solar Group is a leading European sourcing and services company whose core business centers on product sourcing, value-adding services and optimizing their customers’ businesses. Headquartered in Denmark, Solar’s 3,000 employees are focused on delivering sustainable solutions with dedication and credibility. Solar’s chief information security officer is Frank Christensen, who took on the role in […]

Connect a custom AWS S3 snapshot repository to Elastic Cloud

In this blog, we will walk through backing up our committed cluster data via Elasticsearch’s snapshots into an AWS S3 bucket. In Elastic Cloud (Enterprise), Elastic provides a built-in backup service under its found-snapshots repository. Elasticsearch also supports custom repositories for both Cloud and on-prem setups, connecting to data stores like AWS S3, GCP, and […]

A Pro-China Influence Network of Fake News Sites

Nov 23, 2024Ravie LakshmananCloud Security / Threat Intelligence Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, […]

Transform Troubleshooting with Logz.io’s AI Agent

As Gartner predicts, AI will support up to 70% of performance monitoring and troubleshooting tasks in the next few years. The Logz.io AI Agent helps teams get ahead of this curve today. Too much time spent troubleshooting? You’re not alone. Manual investigation, jumping between dashboards, and piecing together scattered data are time-consuming and frustrating. That’s […]

MITRE Center for Threat-Informed Defense Secure AI Partnership

The goal of the Secure AI project is to fortify the security of AI-enabled systems and address the unique vulnerabilities and novel adversary attacks they face Its results were used to expand MITRE ATLAS®, a comprehensive knowledge base of adversary tactics and techniques targeting AI systems As a cybersecurity industry leader and a Center for […]

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

Nov 22, 2024Ravie LakshmananCyber Attack / Malware The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Follina (CVE-2022-30190): a vulnerability in MSDT