Collaborate Disseminate
Automation might be the way to go for many things, but a recently published report by Google’s Threat Analysis Group (TAG) shows why targeted phishing campaigns performed by human operators are often successful, and how the Conti ransomware gang … Continue reading The TTPs of Conti’s initial access broker
MikroTik routers are getting compromised to serve as communication proxies for Trickbot malware, to enable Trickbot-affected devices to communicate with their their C2 server in a way that standard network defense systems won’t detect, Microsoft … Continue reading Trickbot uses compromised MikroTik routers as C2 communication proxies
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be exploited by unauthenticated attackers to remotely execute malicious code. Veeam Bac… Continue reading Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their willingness to target Russian targets. Malware hitting Ukranian targets Whispe… Continue reading Financially motivated threat actors willing to go after Russian targets
The Offensive Security team has released Kali Unkaputtbar, a new feature that allows Kali Linux installed on bare-metal to make system snapshots automatically, thus enabling users to roll back to a previous system state after a botched upgrade. Kali Un… Continue reading Kali Linux on bare-metal gets snapshotting functionality
The cyber activities related to the ongoing war in Ukraine have run the gamut from wiper malware hitting organizations and the border control in Ukraine, DDoS attacks aimed at government and media websites, and cyber disruption of satellite-based inter… Continue reading War in Ukraine: What type of cyber attacks can we expect next?
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown “critical” ones and three “important” ones that were already public (but not actively exploited by att… Continue reading March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely destroy them, Armis researchers have discovered. The vulnerable devices, develo… Continue reading Widely used UPS devices can be hijacked and destroyed remotely
An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking advantage of already public exploits. Discovered by security researcher Max Kellerma… Continue reading Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847)
Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited by attackers in the wild. About the vulnerabilities (CVE-2022-26485, CVE-202… Continue reading Mozilla fixes Firefox zero-days exploited in the wild (CVE-2022-26485, CVE-2022-26486)