Kasseika Ransomware Exploits Vulnerable Antivirus Drivers
A new ransomware called "Kasseika" uses Bring Your Own Vulnerable Driver tactics to disable antivirus software before encrypting files. Kasseika was likely built by former members of the BlackMatter group…
GoAnywhere MFT Auth Bypass Vulnerability Discovered
The fest of vulnerabilities in enterprise software continues with an auth bypass flaw in Fortra’s GoAnywhere MFT. Rated at CVSS 9.8, this flaw allows an adversary to create an administrator…
Confluence RCE Vulnerability Under Massive Exploitation
Researchers are seeing attempts to exploit a critical vulnerability in outdated Atlassian Confluence servers. The flaw allows attackers to execute code remotely, with most attempts from Russian IP addresses. Typically…
TikTok Shopping Scams On The Rise: Tips to Avoid
TikTok shopping scams is a new attack vector on online shoppers. Immense popularity of the Chinese social network led to addition of shopping functionality to the application. This, however, attracted…
2 Citrix RCE Under Active Exploitation, CISA Notifies
CISA has given a timeframe of one to three weeks to fix three vulnerabilities related to Citrix NetScaler and Google Chrome. These zero-day vulnerabilities were actively used in cyber attacks.…
LockBit Ransomware Uses Resume Word Files to Spread
A recent investigation by ASEC reveals the new tactics of an infamous LockBit ransomware. “Post-paid pentesters” started masquerading as innocuous summaries in Word documents. Ironically, this similar tactic is reminiscent…
Over 178,000 SonicWall Firewalls are Vulnerable to DoS and RCE
Recent research uncovers a significant portion of SonicWall firewall instances being susceptible to attacks. In particular, two vulnerabilities are able to cause remote code execution (RCE) and DoS attacks. Unfortunately,…
9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II
A chain of 9 vulnerabilities in UEFI’s Preboot Execution Environment (PXE), dubbed PixieFail, was uncovered in a recent research. As the network boot process is a rather novice attack vector,…
New Google Chrome 0-day Vulnerability Exploited, Update Now
In the most recent release notes, Google reports about a new 0-day vulnerability that is already exploited in the wild. The update fixes the issue, but the very fact of…
Novice FBot Stealer Targets Cloud Services
Researchers report about a new malware strain dubbed FBot. This Python-based malicious program appears to be a unique tool in cybercriminals' arsenal. Its uniqueness is due to its targeting of…
AzorUlt Stealer Is Back In Action, Uses Email Phishing
Cybersecurity experts have stumbled upon the eight-year-old Azorult malware. This malware steals information and collects sensitive data, and has been down since late 2021. But will the old dog keep…
Remcos RAT Targets South Korean Users Through Webhards
An infamous Remcos RAT reportedly started targeting South Korean users through the files shared on Webhards platform. By baiting users with cracked software and adult content, hackers manage to install…