Cuba Ransomware Operators Use Previously Unknown ROMCOM RAT

Palo Alto Networks reports that the Cuba ransomware operators have begun to use new tactics in their attacks, including the use of a previously unknown remote access trojan (RAT) called ROMCOM RAT. Let me remind you that we reported that New Cuba Ransomware Variant Involves Double-Extortion Scheme. In their report, the researchers talk about the… Continue reading Cuba Ransomware Operators Use Previously Unknown ROMCOM RAT

Amazon Patch for Log4Shell allowed privilege escalation

Palo Alto Networks warns that a patch released by Amazon to protect AWS from high-profile issues in Apache Log4j, including the Log4Shell vulnerability, poses a threat to users. The patch can be used to escape the container and escalate privileges, allowing an attacker to take control of the underlying host. Let me remind you that… Continue reading Amazon Patch for Log4Shell allowed privilege escalation

WEF warned of impending cyber pandemic

The WEF experts warned about the impending cyber pandemic and called for new approaches to risk management associated with the development of next generation technologies. By 2025, next-generation technologies such as ubiquitous connectivity, artificial intelligence, quantum computing or new approaches to identity and access management could overwhelm the defences and lead to a global cyber… Continue reading WEF warned of impending cyber pandemic

PgMiner botnet attacks poorly protected PostgreSQL DBs

Palo Alto Networks has discovered the PgMiner botnet, which attacks and breaks into poorly protected PostgreSQL DBs in order to install miners. A new Linux-based cryptocurrency mining botnet exploits PostgreSQL’s Remote Code Execution (RCE) vulnerability, which compromises cryptojacking database servers. Cryptojacking (or simply malicious coin mining) is a common way for malware authors to monetize… Continue reading PgMiner botnet attacks poorly protected PostgreSQL DBs

US cyber command warned about dangerous vulnerability in PAN-OS

The US cyber command warned that in PAN-OS was discovered a dangerous vulnerability and that soon government hack groups are likely to start using it. PAN-OS is an operating system running on firewalls and corporate VPN devices, manufactured by Palo Alto Networks. The cause for concern is really serious: the CVE-2020-2021 vulnerability is one of… Continue reading US cyber command warned about dangerous vulnerability in PAN-OS

Hoaxcalls botnet attacks Grandstream devices

Palo Alto Networks experts warn that the Hoaxcalls botnet attacks the recently fixed vulnerability in the Grandstream UCM6200 series devices. The Hoaxcalls botnet is built on the source code of the Gafgyt/Bashlite malware and is mainly used for DDoS attacks. “The malware is built on the Gafgyt/Bashlite malware family codebase, which we have dubbed “Hoaxcalls”,… Continue reading Hoaxcalls botnet attacks Grandstream devices