A newly discovered vulnerability in OpenSSH, nicknamed regreSSHion, allows remote attackers to gain root privileges on Linux systems based on the glibc library. This flaw enables an unauthenticated attacker to execute arbitrary code on the vulnerable system and obtain root privileges. Considering how widely OpenSSH is used, this flaw can have a massive impact, comparable in size… Continue reading RegreSSHion OpenSSH Vulnerability Allows for RCE
Tag: Cybersecurity
Whaling Phishing
Malicious actors know executives and high-level employees, such as public spokespersons, are familiar with common spam tactics. Due to their public profiles, they may have undergone extensive security awareness training, and the security team may have implemented stricter policies and more advanced tools to safeguard them. As a result, attackers targeting these individuals are forced…
Hello Perv
“Hello perv” is an email scam that takes its name from its eponymous title. It aims to scare the user into paying a ransom in cryptocurrency in exchange for not publishing explicit content. These emails are sent in the thousands, targeting people all around the world, sometimes even misfiring…
New GrimResource Attack Technique Targets MMC, DLL Flaw
A new malicious code execution technique, coined GrimResource, has been discovered targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy malware to endpoints. Attack Technique Exploits Microsoft Management Console Files On June 6, 2024, Elastic reported discovering a new attack technique that uses Microsoft…
Binance Smart Contracts Blockchain Abused in Malware Spreading
Cybercriminals appear to be exploiting Binance smart contracts as an intermediary C2, preferring them over more conventional hosting because they are impossible to take down. The technique is currently used to deploy infostealers, but it could be applied to pretty much any malware. Cybercriminals Use BSCs As C2 Infrastructure A new technique, coined…
Kaspersky Antivirus Banned By the Biden Administration
On June 20, 2024, the Biden administration implemented a complete ban on sales of Kaspersky software. The company has been the subject of data security concerns since 2017. Now, after more than seven years of a Kaspersky ban in government organizations, the software is being banned completely. US Implements Ban on Kaspersky Software On Thursday, June 20, U.S.…
Win.MxResIcn.Heur.Gen
The antivirus engine of MaxSecure, a well-known cybersecurity vendor, is currently producing a massive number of false positive detections under the name Win.MxResIcn.Heur.Gen. It affects numerous legitimate and safe programs, and is likely the result of issues with the heuristic engine. The developer has not commented on the situation publicly, presumably communicating through support tickets. Win.MxResIcn.Heur.Gen Detection…
Infostealer Malware
The cybercrime world changes rapidly: expanding, collapsing, and evolving both extensively and intensively. One of the most widespread malware types in the modern threat landscape, Infostealer Malware, appears to be entering a new stage of development. Though its major names remain the same, some new malware families with promising features have popped up. Let’s have…
Lumma Stealer Spreads Via Fake Browser Updates, Uses ClearFake
Recent research uncovered a selection of websites that deploy Lumma Stealer under the guise of a browser update. They pose as tutorial pages that offer seemingly correct guides, but then open a malicious JS iframe handled by the ClearFake framework. Some of these sites have been active for several weeks now. Fake Tutorial Sites Spread Lumma Stealer…
HTTPS vs HTTP
HTTPS and HTTP are constantly around us, but the difference between them is not really clear. How do they differ? And why do I see these “Your connection is not secure” pop-ups when the connection is HTTP? In this article, I will explain the HTTPS vs HTTP difference and what connection type you should stick to.…