China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz

Jan 30, 2024NewsroomMalware / Cyber Espionage The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar’s Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the VirusTotal platform.…
Read more

URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite

Jan 30, 2024NewsroomDevSecOps / Vulnerability GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10.…
Read more

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

Jan 30, 2024NewsroomCyber Crime / Malware A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso.…
Read more

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

Jan 30, 2024NewsroomVulnerability / Network Security Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS.…
Read more

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Jan 29, 2024NewsroomVulnerability / NTML Security A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023.…
Read more

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Jan 29, 2024NewsroomPyPI Repository / Malware Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111.…
Read more

Unique Visitors
» 2,683 Today
» 42,130 Yesterday
» 106,501 This Week
» 558,643 This Month
» 3,251,930 This Year
» 19,487,025 Total (since 2019-12-11)
» Record: 205,757 (2023-08-13)
Counter by DarkWeb.Solutions