Virus & Threats – Page 19 – WindowsTechs.com

CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities

Posted on May 19, 2022 by Eduard Kovacs

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations about two actively exploited VMware product vulnerabilities, and the agency believes two other freshly patched flaws will also be exploited soon.
read more

Continue reading CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities→

US Government Says North Korean IT Workers Enable DPRK Hacking Operations

Posted on May 18, 2022 by Eduard Kovacs

The US government has warned companies that some of their IT workers may be from North Korea, and these individuals could be aiding their country’s hacking operations.
read more

Continue reading US Government Says North Korean IT Workers Enable DPRK Hacking Operations→

National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques

Posted on May 18, 2022 by Ionut Arghire

Cybersecurity agencies in the United States, the United Kingdom, Canada, the Netherlands, and New Zealand warn that threat actors exploit poor security practices for initial access to victim environments.
read more

Continue reading National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques→

‘Sysrv’ Botnet Targeting Recent Spring Cloud Gateway Vulnerability

Posted on May 16, 2022 by Ionut Arghire

A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns.
The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in… Continue reading ‘Sysrv’ Botnet Targeting Recent Spring Cloud Gateway Vulnerability→

‘IceApple’ Post-Exploitation Framework Created for Long-Running Operations

Posted on May 13, 2022 by Ionut Arghire

CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China.
read more

Continue reading ‘IceApple’ Post-Exploitation Framework Created for Long-Running Operations→

Organizations in Europe Targeted With New ‘Nerbian’ RAT

Posted on May 13, 2022 by Ionut Arghire

Proofpoint’s security researchers have documented a new remote access trojan (RAT) being used in a series of recent attacks targeting various industries in multiple European countries.
read more

Continue reading Organizations in Europe Targeted With New ‘Nerbian’ RAT→

Iranian Cyberspy Group Launching Ransomware Attacks Against US

Posted on May 12, 2022 by Ionut Arghire

Over the past several months, Iran-linked cyberespionage group Charming Kitten has been engaging in financially-motivated activities, the Secureworks Counter Threat Unit (CTU) reports.
read more

Continue reading Iranian Cyberspy Group Launching Ransomware Attacks Against US→

Critical Vulnerability Exploited to ‘Destroy’ BIG-IP Appliances

Posted on May 11, 2022 by Eduard Kovacs

The recently patched F5 BIG-IP vulnerability tracked as CVE-2022-1388 is being increasingly exploited by threat actors, including to “destroy” affected appliances.
read more

Continue reading Critical Vulnerability Exploited to ‘Destroy’ BIG-IP Appliances→

Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks

Posted on May 11, 2022 by Ionut Arghire

The number of attacks targeting Windows Print Spooler vulnerabilities has been increasing, according to cybersecurity firm Kaspersky.
read more

Continue reading Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks→

New Malware Samples Indicate Return of REvil Ransomware

Posted on May 10, 2022 by Eduard Kovacs

New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has resumed.
read more

Continue reading New Malware Samples Indicate Return of REvil Ransomware→