Rude Stealer Targets Data from Gamer Platforms

Java-based stealer targets gaming platforms

A newly discovered Java-based stealer named Rude has emerged, packaged in a Java Archive (JAR) file. It employs a range of sophisticated functionalities and focuses on stealing sensitive data from gaming platforms such as Steam and Discord, as well as from web browsers. In early November 2023, researchers identified a malicious JAR file labeled “Stealer.jar” on…

Phobos Ransomware Mimics VX-Underground Researchers

Ransomware criminals from the Phobos group released a ransomware variant that masquerades as a development of the VX-Underground community

A new version of Phobos ransomware claims to be developed by VX-Underground, a malware information-sharing community. Hackers are again disguising themselves as information security specialists, ruining their image. How funny or serious is all this? Phobos ransomware emerged in 2018 as a ransomware-as-a-service (RaaS), an offshoot of the Crysis ransomware family.…

Welltok Data Breach Exposes More Than 8 million Patients

Welltok's breach, affecting 8.5M patients, emphasizes the imperative for rigorous cybersecurity in safeguarding sensitive healthcare data.

Welltok, a healthcare Software as a Service (SaaS) provider, has reported unauthorized access to its MOVEit Transfer server, impacting the personal information of nearly 8.5 million patients in the United States. The breach, detected on July 26, 2023, has raised concerns about the security of patient data and has significant implications for healthcare providers across…

LitterDrifter – Russia’s USB Worm Targeting Ukrainian Entities

The LitterDrifter USB worm is a cyber threat targeting Ukrainian entities, emphasizing the need for robust cybersecurity defenses worldwide.

The LitterDrifter USB worm is intricately linked to the notorious Gamaredon group and originates from Russia. It has set its sights on Ukrainian entities, adding a concerning layer to the already complex world of state-sponsored cyber espionage. This USB worm, believed to be orchestrated by Russian actors, not only showcases the adaptability and innovation of Gamaredon but…

Apache ActiveMQ Vulnerability Exploited In The Wild

Hackers are actively exploiting a vulnerability in Apache ActiveMQ that was detected back in October 2023

A recent Apache ActiveMQ vulnerability that allows remote code execution is reportedly being exploited in real-world attacks. Analysts noticed several exploitation cases in which this vulnerability was used to infect Linux systems with Kinsing malware. It is a rare sight: a high-profile vulnerability being exploited to infect exclusively Linux machines. Analysts…

Zimbra Vulnerability Exploited in the Wild

Zimbra has patched a vulnerability exploited by several threat actors.

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited the vulnerability to steal email data, user credentials, and tokens. According to the Google…

VMware Cloud Director Vulnerability Circumvents Authentication

VMware reported an unpatched vulnerability affecting Cloud Director appliance deployments.

VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score of 9.8, specifically affects instances that have undergone an upgrade to version 10.5 from previous versions. Discovered…

IPStorm Botnet Stopped by the FBI, Operator Detained

IPStorm is quiet now

The FBI has successfully dismantled the notorious IPStorm botnet and apprehended its operator. The operation took place back in September, with the key operator, Sergei Makinin, detained around that time. The Federal Bureau of Investigation has successfully suspended the activity of the notorious IPStorm botnet. As a result, they have ended…

Plume Hacked, Data Leaked in the Darknet

Another organization has been hit by a data breach, according to a Darknet forum post

An anonymous hacker posted about a Plume data breach on the Darknet. The hacker says they have stolen the personal information of millions of users and threatens to release the data unless the company pays a ransom. Plume Design, Inc. develops and sells smart home Wi-Fi mesh networking systems. Its flagship…

Reptar Vulnerability Threatens Intel Processors

Intel discovered a new vulnerability in its processors that may allow hackers to escalate privileges

Intel has fixed a serious Reptar vulnerability in various processors for desktops, servers, mobile devices and embedded systems. This has also proven to be a problem for the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. The Reptar vulnerability can be used to escalate privileges, gain access to sensitive information, and cause denial of…