Zimbra issues awaited patch for actively exploited vulnerability
Two weeks ago, we urged readers to apply a workaround for an actively exploited vulnerability in Zimbra Collaboration Suite (ZCS) email servers. Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. Zimbra is an open source webmail application used for messaging […]
N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist
By Habiba Rashid CoinsPaid’s internal systems were compromised, prompting the firm to temporarily halt operations for four days. This is a post from HackRead.com Read the original post: N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist
Mobile Device Management: Securing the modern workplace
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. More mobile devices, more problems. The business landscape has shifted dramatically, as more endpoints connect to corporate networks from a wider variety of […]
Malvertising Attack Drops BlackCat Ransomware via Fake Search Results
By Waqas Happeneing through Google Search, hackers use a malicious ISO archive to distribute files that direct users to fake download pages of popular business applications. This is a post from HackRead.com Read the original post: Malvertising Attack Drops BlackCat Ransomware via Fake Search Results
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module
The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that’s used for post-compromise activity on hacked systems, new findings from Team Cymru reveal. IcedID, also called BokBot, is a strain of malware similar to Emotet and QakBot that started off as a banking trojan in 2017, before switching to […]
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARK#MULE. “Based on the source and likely targets, these types of attacks are on par with past attacks stemming […]
A Data Exfiltration Attack Scenario: The Porsche Experience
As part of Checkmarx’s mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy (Disclosure Policy)[1], it was considered in scope for our research, so we decided to start there, and see what we could find. What […]
Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org
By Habiba Rashid The data leak originated from a database owned by the Southern Association of Independent Schools, Inc. (SAIS). This is a post from HackRead.com Read the original post: Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
A legitimate Windows search feature is being exploited by malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT. The novel attack technique, per Trellix, takes advantage of the “search-ms:” URI protocol handler, which offers the ability for applications and HTML links […]
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in