Feb 29, 2024NewsroomLinux / Network Security Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers to … [Read more...] about GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Exploiting
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
Jan 09, 2024NewsroomData Security / Cyber Attack Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access' to the compromised host, or … [Read more...] about Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
New Emerging APT Threat Exploiting WinRAR Flaw
Nov 16, 2023NewsroomAdvanced Persistent Threat / Zero-Day A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino … [Read more...] about New Emerging APT Threat Exploiting WinRAR Flaw
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
Nov 03, 2023NewsroomCloud Security / Linux The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by … [Read more...] about Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou … [Read more...] about Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
How scammers are exploiting X Premium (Twitter Blue)
Since Elon Musk bought Twitter, there’s been such a constant stream of changes on the social platform that it’s been genuinely difficult to keep up — especially for those who don’t spend all their free time on Twitter. One significant change that looks likely it’s here to stay concerns X’s account verification system — the notorious blue checkmarks. So let’s investigate what … [Read more...] about How scammers are exploiting X Premium (Twitter Blue)
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
Jul 01, 2023Ravie LakshmananWebsite Security / Cyber Threat As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released on … [Read more...] about Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
Apr 19, 2023Ravie LakshmananNetwork Security / Cyber Espionage U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of … [Read more...] about U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices
Feb 17, 2023Ravie LakshmananIoT Security / Cyber Attack A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by … [Read more...] about New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
Feb 11, 2023Ravie LakshmananThreat Response / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could … [Read more...] about CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws