Archives

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. “These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements,” SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a “misconfiguration of the […]

Understanding ransomware reinfection: An MDR case study

Ransomware is like that stubborn cold that you thought you kicked, but creeps back up determined to run amok again. The question is what medicine is available to kick this nasty infection for good. In this post, we’ll break down the idea of ransomware reinfection and share a real-life episode where Malwarebytes Managed Detection and […]

Company finds lost SSD—and confidential data—for sale on eBay

Major software company SAP is putting the pieces of a story involving missing SSD disks back together. Four SSD disks are alleged to have gone on an adventure last November, making their way out of a Walldorf, Germany, datacenter with one of them ending up on eBay. An investigation revealed that despite the disks being located in […]

Hackers Hiding DcRAT Malware in Fake OnlyFans Content

By Habiba Rashid DcRAT malware includes a ransomware plugin that encrypts non-system files, rendering them inaccessible without the decryption key, which threat actors will likely hold for ransom. This is a post from HackRead.com Read the original post: Hackers Hiding DcRAT Malware in Fake OnlyFans Content

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems. “The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed,” software supply chain security […]

New Mockingjay Process Injection Technique Could Let Malware Evade Detection

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. “The injection is executed without space allocation, setting permissions or even starting a thread,” Security Joes researchers Thiago Peixoto, Felipe Duarte, and  Ido Naor said in a report shared with The Hacker News. […]

Benefits of Using NFV with SASE

In today’s digital era, businesses actively strive to heighten network agility, boost security, and slash operational costs. Network Function Virtualization (NFV) and Secure Access Service Edge (SASE) stand at the forefront of this revolution, reshaping enterprise networking and security. NFV breathes new life into traditional, hardware-based network functions, turning them into versatile, software-based solutions deployable […]

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan coverage, among others. Given attack surface sprawl and evolving threats, many organizations are

EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging […]