Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

Mar 31, 2023Ravie LakshmananCyber Espionage / APT The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. “TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe,” Proofpoint said in a new report.…
Read more

3CX Supply Chain Attack — Here’s What We Know So Far

Mar 31, 2023Ravie LakshmananCyber Threat / Supply Chain Attack Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS.…
Read more

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

Mar 31, 2023Ravie LakshmananCyber Crime / Hacking News The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union.…
Read more

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

Mar 30, 2023Ravie LakshmananEndpoint Security / Malware A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. “RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally,” Recorded Future told The Hacker News.…
Read more

Researchers Detail Severe “Super FabriXss” Vulnerability in Microsoft Azure SFX

Mar 30, 2023Ravie LakshmananCloud Security / Vulnerability Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed “Super FabriXss” by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022.…
Read more

Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration

Mar 30, 2023The Hacker NewsData Security / Encryption Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. “Multi-cloud by design,” and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.…
Read more

New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

Mar 30, 2023Ravie LakshmananNetwork Security A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan, and Mathy Vanhoef said in a paper published this week.…
Read more

3CX Desktop App Supply Chain Attack Leaves Millions at Risk – Urgent Update on the Way!

Mar 30, 2023Ravie LakshmananSupply Chain / Software Security 3CX said it’s working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that’s using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers.…
Read more

AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

Mar 30, 2023Ravie LakshmananCloud Security / Cyber Threat A new “comprehensive toolset” called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. “The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to enable and expand subsequent campaigns,” SentinelOne security researcher Alex Delamotte said in a report shared with The Hacker News.…
Read more

Unique Visitors
» 3,107 Today
» 42,130 Yesterday
» 106,925 This Week
» 559,067 This Month
» 3,252,354 This Year
» 19,487,449 Total (since 2019-12-11)
» Record: 205,757 (2023-08-13)
Counter by DarkWeb.Solutions