Hackers From North Korea Stole Millions Of Dollars From Cryptocurrency Startups All Across The World.

Researchers reported that, “The attackers have been subtly abusing the confidence of targeted company personnel by delivering them a full-featured Windows backdoor with spying functions disguised as a contract or other business documents. The actor has established significant and dangerous resources such as complicated infrastructure, exploits and malware implants, in order to finally empty the victim’s crypto wallet.”

According to new research published by blockchain analytics firm Chainalysis, the Lazarus Group was linked to seven attacks against cryptocurrency platforms …

Iranian Hackers Use A Log4j Vulnerability To Install A Backdoor In PowerShell.

Check Point researchers reported that “The actor’s attack setup was fast, as they employed a basic open-source tool for exploitation and built their activities on existing infrastructure, making the attack easy to detect and attribute.”

The attackers employed one of the publicly accessible open-source JNDI Exploit Kits to exploit the Log4j vulnerability (CVE-2021-44228); the kit has since been deleted from GitHub because of its great popularity following the vulnerability’s discovery. We will omit the details of the actual exploitation phase because …

Microsoft Addresses Critical “Wormable” Vulnerability On The First Patch Tuesday Of 2022.

Microsoft’s first batch of updates for 2022 arrived on Tuesday, correcting 96 security flaws across its software ecosystem and advising users to prioritise patching for a severe “wormable” vulnerability. Nine of the 96 vulnerabilities are rated Critical and the remaining 89 are rated Important; six zero-day vulnerabilities had been publicly disclosed at the time of the release.

In addition, 29 issues were fixed in Microsoft Edge on January 6, 2022. There is no indication that any of the disclosed bugs are …

Microsoft Exposes A MacOS Bug That Could Allow Attackers To Access User Data.

The Microsoft 365 Defender Research team reported that the vulnerability, dubbed “powerdir”, was reported to Apple on July 15, 2021. Apple addressed the issue as part of the macOS 11.6 and 12.1 updates, which were released in December 2021 and included improved state management.

The flaw, identified as CVE-2021-30970, is related to a logic issue in the Transparency, Consent, and Control (TCC) security framework, which allows users to configure the privacy settings of their apps and grant access to protected files …

Botnet Abcbot Linked To The Xanthe Cryptomining Malware Operators.

Abcbot attacks, first reported by Qihoo 360’s Netlab security team in November 2021, are triggered by a malicious shell script that targets insecure cloud instances operated by cloud service providers such as Huawei, Tencent, Baidu, and Alibaba Cloud. The script downloads malware that co-opts the machine into a botnet, but not before terminating processes from competing threat actors and establishing persistence.

Cado Security wrote in its analysis: “Our ongoing investigation into this malware family uncovers a clear relationship to Cisco’s …

Researchers Identified That APT Hackers Infected Their Own Infrastructure In Recent Malware Attacks.

The Malwarebytes Threat Intelligence Team reported that, “Ironically, all of the information we gathered was made possible by the threat actor infecting themselves with their own [remote access trojan], which resulted in captured keystrokes and screenshots of their own computer and virtual machines.”

Pakistan’s Ministry of Defense, National Defence University of Islamabad, Faculty of Bio-Sciences at UVAS Lahore, International Center for Chemical and Biological Sciences (ICCBS), H.E.J. Research Institute of Chemistry, and Salim Habib University (SBU) are among the major victims. …