Mash – Page 24 – Wildcat Cyber Patrol

New Pro-Ocean cryptojacking malware targets Apache, Oracle and Redis servers

Pro-Ocean is a new cryptojacking malware by Rocke hackers with self-spreading capabilities, that can blindly throw exploits at discovered vulnerable [...]

News

Posted on January 30, 2021 by Mash

DPRK hacking group targets security researchers with Chrome exploit

DPRK group named 'Zinc' or 'Lazarus' has been targeting vulnerability researchers according to Microsoft. According to Microsoft research, the group [...]

News

Posted on January 29, 2021 by Mash

Google Chrome now blocks 7 additional ports to defend against NAT Slipstreaming vulnerability

Network Address Translation (NAT) is a feature, used to reduce the amount of public IP addresses and to increase security. [...]

News

Posted on January 29, 2021 by Mash

New Linux SUDO vulnerability lets local users gain root privileges

Sudo is a Unix program that lets system administrators provide limited root privileges to normal users listed in the sudoers [...]

News

Posted on January 27, 2021 by Mash

3 new iOS zero-day vulnerabilities spotted exploited in the wild

Apple has released an update for three recently reported vulnerabilities that allow hackers to elevate privileges and achieve remote code [...]

News

Apple

Posted on January 27, 2021 by Mash

Third-party fix for NTFS Windows 10 bug got released

OSR, a software development company specializing in Windows internals, has released an open-source filter driver, preventing the NTFS bug abuse, [...]

News

Posted on January 26, 2021 by Mash

North Korean hacking group is targeting security researchers

According to Google's Threat Analysis Group report, a North Korean government-backed hacking group is targeting security researchers, attempting to infect [...]

News

Posted on January 26, 2021 by Mash

MrbMiner crypto-jacking campaign linked to Iranian software company

Sophos researchers have investigated the brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware [...]

News

Posted on January 24, 2021 by Mash

SonicWall firewall maker hacked using zero-day vulnerability in its VPN device

Security manufacturer SonicWall has issued an urgency notice on threat actors abusing zero-day vulnerability in their Secure Mobile Access (SMA) [...]

News

Posted on January 24, 2021 by Mash

Windows Remote Desktop Protocol servers are abused by attackers to amplify DDOS attacks

The Microsoft Remote Desktop Protocol service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote [...]

News

Posted on January 23, 2021 by Mash

SolarWinds attackers detection evasion mechanism released

Microsoft has shared new details on how hackers behind the SolarWinds breach managed to remain undetected by hiding their activity [...]

News

SolarWinds

Posted on January 22, 2021 by Mash

Malwarebytes confirms that SolarWinds attackers got access to their internal emails

Malwarebytes CEO Marcin Kleczynski stated that while they don't use SolarWinds, they also got targeted in the recent attack. After [...]

News

SolarWinds

Posted on January 21, 2021 by Mash

Hackers spy on Signal, Facebook, and Google chat users thanks to logic bug abuse

The logic bugs that attackers used in the past were discovered by Google Project Zero security manager Natalie Silvanovich in [...]

News

Posted on January 21, 2021 by Mash

Windows 10 bug causes Blue Screen of Death when user access this location

The new Windows 10 bug causes the system to crash with BSOD by opening a certain path in the browser [...]

News

Posted on January 19, 2021 by Mash

Security researchers disclose series of attacks by threat actor of Chinese origin

The recent campaign targeting organizations in Russia and Hong Kong have been linked to Winnti (or APT41) by cybersecurity researchers. [...]

News

Posted on January 18, 2021 by Mash

Attackers abuse Windows Finger command to download malware

The Finger command is a utility that allows a local user to get a list of users on a remote [...]

News

Posted on January 16, 2021 by Mash

Microsoft warns admins of Windows Zerologon patch enforcement coming next month

Zerologon is a critical security flaw tracked as CVE-2020-1472, which allows attackers to elevate privileges to the domain administrator and [...]

News

Posted on January 16, 2021 by Mash

Apple removed a feature that allowed its apps to bypass firewalls and VPNs

The controversial macOS feature that allowed 53 Apple apps to bypass firewalls and VPNs installed by users got removed. The [...]

News

Apple

Posted on January 16, 2021 by Mash

Verified Twitter accounts hacked in fake Elon Musk crypto giveaway

According to the MalwareHunterTeam security researcher, a big number of verified Twitter accounts got hacked to promote a fake Elon [...]

News

Posted on January 16, 2021 by Mash

Project Zero team discloses a hacking campaign targeting Windows and Android users

Project Zero, Google's zero-day bug-hunting team has discovered a campaign coordinated by a highly sophisticated actor, targeting Windows and Android [...]

News

Posted on January 14, 2021 by Mash

Microsoft patches Microsoft Defender antivirus zero-day vulnerability

Microsoft Defender vulnerability, actively exploited in the wild by threat actors, has been patched by Microsoft. The vulnerability tracked as [...]

News

Microsoft

Posted on January 13, 2021 by Mash

SolarLeaks website claims to sell the data stolen in SolarWinds attacks

A website SolarLeaks dot net is selling the data stolen from the companies, suffered from the SolarWinds breach, the attack [...]

News

Posted on January 13, 2021 by Mash

Cybersecurity team Bitdefender released free decryptor for the DarkSide ransomware

Romanian cybersecurity company Bitdefender has released a free decryptor for the DarkSide ransomware, allowing victims to recover their files without [...]

How-to

Posted on January 12, 2021 by Mash

Cryptocurrency mining Mac malware OSAMiner uses AppleScripts to evade the research

A Cryptocurrency mining malware OSAMiner has been known since 2015, but researchers have trouble analyzing it because payloads are exported [...]

News

OSAMiner

Posted on January 12, 2021 by Mash

Chrome extension The Great Suspender isn't recommended to use anymore

The Great Suspender is a popular and useful Chrome extension, designed to improve the Google Chrome usage of RAM by [...]

News

Google Chrome

Posted on January 11, 2021 by Mash

Hackers gained remote control over the chastity belts devices using ransomware

The source code for the ChasityLock ransomware has become publicly available for research purposes after the attack that targeted male [...]

News

Posted on January 11, 2021 by Mash

Hackers behind the SolarWinds breach used password guessing

The US Cybersecurity and Infrastructure Security Agency (CISA) has stated that the hackers behind the SolarWinds attack has used password [...]

News

SolarWinds

Posted on January 9, 2021 by Mash

Nissan NA source code leaked due to exposed Git server with default admin credentials

The entire collection of Nissan North America source code got leaked because of the exposed Git server, protected with default [...]

News

Posted on January 9, 2021 by Mash

Ezuri crypter used by Linux threat actors to avoid detection

According to AT&T Alien Labs report, multiple malware authors are using Ezuri crypter to improve the antidetection of their malware. [...]

News

Ezuri
Linux

Posted on January 8, 2021 by Mash

WhatsApp Privacy Police update forces users to share their data with Facebook

Recent WhatsApp Privacy Policy update has faced its users with an ultimatum, either they accept sharing their data with Facebook, [...]

News

Posted on January 8, 2021 by Mash

Windows Core Polaris dev build has been leaked

Recent leak of Microsoft's Windows Core Polaris has proofed a series of rumors about Microsoft developing an OS for low [...]

News

Posted on January 4, 2021 by Mash

Google Chrome fixes a file locking bug on Windows 10 systems

Google Chrome has fixed a bug that caused Windows 10 antivirus to lock the newly created files, by not allowing [...]

News

Google Chrome

Posted on January 4, 2021 by Mash

Backdoor account found in Zyxel firewall

Zyxel has released a patch, fixing a critical vulnerability, tracked as CVE-2020-29583, concerning a hardcoded undocumented secret account, that could [...]

News

Zyxel

Posted on January 2, 2021 by Mash

Adobe Flash Player is not supported anymore

Adobe has stopped supporting their Flash Player on January 1, 2021. Adobe will not be posting any updates to Flash [...]

How-to

Adobe

Posted on January 2, 2021 by Mash

CISA releases Sparrow - a compromised apps' detection tool Azure and Microsoft 365 environments

The new tool named Sparrow released by the Cybersecurity and Infrastructure Security Agency (CISA) as an answer to the recent [...]

News

Posted on December 29, 2020 by Mash

New GitHub based malware uses Word files and Imgur images to decode a Cobalt Strike script

A new type of malware using Word files with macros to download a PowerShell script from GitHub, has been discovered [...]

News

CobaltStrike

Posted on December 29, 2020 by Mash

SolarWinds released updated advisory for SUPERNOVA malware

SolarWinds has suffered a cyberattack, which made attackers capable of modifying a legitimate SolarWinds Orion BusinessLayer DLL file to include [...]