Multiple unpatched security vulnerabilities have been disclosed in Mitsubishi safety programmable logic controllers (PLCs) that could be exploited by an adversary to acquire legitimate user names registered in the module via a brute-force attack, unauthorizedly login to the CPU module, and even cause a denial-of-service (DoS) condition. The security weaknesses, disclosed by … [Read more...] about Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks
attacks
New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks
Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called "mirai_ptea" that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks. Chinese security firm Netlab 360 pinned the first probe against the flaw on March 23, 2021, before it … [Read more...] about New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks
Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments
A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated … [Read more...] about Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments
Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks
Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. As part of a joint operation between the National Police of Ukraine and authorities from the Republic of Korea and the U.S., six defendants have been accused of running a … [Read more...] about Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks
Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. The campaign involved deploying TensorFlow pods on Kubernetes clusters, with the pods running legitimate TensorFlow images from the official Docker Hub account. However, the container images were configured to execute rogue … [Read more...] about Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks
Code-hosting platform GitHub Friday officially announced a series of updates to the site's policies that delve into how the company deals with malware and exploit code uploaded to its service. "We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits," the Microsoft-owned company said. "We understand that … [Read more...] about GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks
Threat Explainer: Supply Chain Attacks
Let’s say that you’re confident in your security posture. You have endpoint protection in place, firewalls defending the perimeter, and phishing filters on incoming email. You’ve leveraged tools to check for anomalies in your network traffic, rolled out an SSO solution, and implemented processes to securely connect to the network remotely. These defenses make it harder for bad … [Read more...] about Threat Explainer: Supply Chain Attacks
Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks
An "aggressive" financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an "improper SQL command neutralization" flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS … [Read more...] about Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks
New QNAP NAS Flaws Exploited In Recent Ransomware Attacks
A new ransomware strain called "Qlocker" is targeting QNAP network attached storage (NAS) devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives. First reports of the infections emerged on April 20, with the adversaries behind the operations demanding a bitcoin payment (0.01 bitcoins or about $500.57) to receive the decryption key. In … [Read more...] about New QNAP NAS Flaws Exploited In Recent Ransomware Attacks
New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack. Dubbed SMASH (Synchronized MAny-Sided Hammering), the technique can be used to successfully trigger the attack from JavaScript on modern DDR4 RAM cards, notwithstanding extensive mitigations that have been put in place by … [Read more...] about New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks