Collaborate Disseminate
By Deeba Ahmed
IT professionals are under attack! This article exposes a malicious malvertising campaign targeting IT teams with a novel backdoor named MadMxShell. Learn how attackers use typosquatting and DNS techniques to compromise systems.
This is … Continue reading Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go. Continue reading DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious ma… Continue reading New open-source project takeover attacks spotted, stymied
By Deeba Ahmed
Firewall on fire!
This is a post from HackRead.com Read the original post: Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor
Continue reading Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor
I am learning thick client pentesting. In "File Testing" category, we have a vulnerability called "Framework backdooring". I tried googling the term but could not find any useful resources.
I would like to understand wh… Continue reading Framework backdooring vulnerability in thick client applications [closed]
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process. Continue reading XZ backdoor story – Initial analysis
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skille… Continue reading XZ Utils backdoor: Detection tools, scripts, rules
Attackers are exploiting a recent Magento vulnerability to deploy a persistent backdoor on ecommerce websites.
The post Magento Vulnerability Exploited to Deploy Persistent Backdoor appeared first on SecurityWeek.
Continue reading Magento Vulnerability Exploited to Deploy Persistent Backdoor
With all the discussion about the xz-tools supply chain attack on the Linux distros, what confuses me:
As stated here or on the infographic here, the attackers worked their way to becoming trusted maintainers of the project. They used this… Continue reading Why did the xz-tools attacker put so much effort into hiding the malware when they could manipulate the tarball?
For my own (public) servers, is it considered a good idea to only allow ssh connections from VPN connections (OpenVPN, Wireguard or otherwise), to mitigate any possible attacks in the future on ssh?
It seems that ssh is constantly under at… Continue reading Does using a VPN to allow ssh connections provide better security, especially after seeing how CVE-2024-3094 (XZ backdoor) is done?