RegreSSHion OpenSSH Vulnerability Allows for RCE

Researchers have discovered a new “high” severity signal handler race condition vulnerability

A newly discovered vulnerability in OpenSSH, nicknamed regreSSHion, allows remote attackers to gain root privileges on glibc-based Linux systems. This flaw enables an unauthenticated attacker to execute arbitrary code on the vulnerable system and obtain root privileges. Considering how widely OpenSSH is used, this flaw can have a massive impact, comparable in size…

Whaling Phishing

Whaling is a type of phishing that targets high-profile people in different companies and organizations.

Malicious actors know executives and high-level employees, such as public spokespersons, are familiar with common spam tactics. Due to their public profiles, they may have undergone extensive security awareness training, and the security team may have implemented stricter policies and more advanced tools to safeguard them. As a result, attackers targeting these individuals are forced…

Hello Perv

A new Hello Perv email sextortion scam got its name from its opening words

“Hello perv” is an email scam that got its name from the eponymous title. It aims to scare the user into paying a ransom in cryptocurrency in exchange for not publishing explicit content. These emails are sent by the thousands, targeting people all around the world, sometimes even misfiring…

New GrimResource Attack Technique Targets MMC, DLL Flaw

Attackers exploit an old vulnerability for a new attack.

A new malicious code execution technique, coined GrimResource, was discovered, targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy malware to endpoints.

Attack Technique Exploits Microsoft Management Console Files

On June 6, 2024, Elastic reported discovering a new attack technique that uses Microsoft…

Binance Smart Contracts Blockchain Abused in Malware Spreading

Hackers found a way to deploy malicious scripts via smart contracts

Cybercriminals appear to exploit Binance smart contracts as an intermediary C2, preferring them over more classic hosting because they are impossible to take down. The technique is currently used to deploy infostealers, but it could be applied to pretty much any malware.

Cybercriminals Use BSCs As C2 Infrastructure

A new technique, coined…

Kaspersky Antivirus Banned By the Biden Administration

U.S. Commerce Department bans marketing and updates for Kaspersky security solutions

On June 20, 2024, the Biden administration implemented a complete ban on sales of Kaspersky software. The company has been the subject of data security worries since 2017. Now, after more than seven years of the Kaspersky ban in government organizations, the software is getting banned completely.

US Implements Ban on Kaspersky Software

On Thursday, June 20, U.S.…

Win.MxResIcn.Heur.Gen

Even renowned antivirus companies may have trouble at times

The antivirus engine of MaxSecure, a well-known cybersecurity vendor, currently shows massive amounts of false positive detections with the name Win.MxResIcn.Heur.Gen. It affects numerous legitimate and safe programs, and is likely the result of issues with the heuristic engine. The developer does not comment on the situation publicly, presumably communicating in support tickets.

Win.MxResIcn.Heur.Gen Detection…

Infostealer Malware

Aside from the major stealers, there are several newcomer names with significant potential

The cybercrime world changes rapidly: expanding, collapsing, and evolving both extensively and intensively. One of the most massive malware types in the modern threat landscape, infostealer malware, appears to be entering a new stage of development. Though its major names remain the same, some new malware families with promising features have popped up. Let’s have…

Lumma Stealer Spreads Via Fake Browser Updates, Uses ClearFake

Cybercriminals exploit the ClearFake framework to create fake browser update windows that deliver malware

Recent research uncovered a selection of websites that deploy Lumma Stealer under the guise of a browser update. They pose as tutorial pages that offer seemingly correct guides, but then open a malicious JS iframe handled by the ClearFake framework. Some of these sites have been active for several weeks now.

Fake Tutorial Sites Spread Lumma Stealer…

HTTPS vs HTTP

Do you pay attention to how the URL of the website begins?

HTTPS and HTTP are constantly around us, but the difference between them is not really clear. How do they differ? And why do I see these “Your connection is not secure” pop-ups when the connection is HTTP? In this article, I will explain the HTTPS vs HTTP difference and what connection type you should stick to.…