Aggregator

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux(link is external)

The Hackers News
5 months 1 week ago
Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it tracks as REF7707. Some of the other targets include a telecommunications entity and a university,
The Hacker News

CVE-2024-3303 | GitLab Enterprise Edition up to 17.6.4/17.7.3/17.8.1 information disclosure(link is external)

VulDB Recent Entries
5 months 1 week ago
A vulnerability was found in GitLab Enterprise Edition up to 17.6.4/17.7.3/17.8.1. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-3303. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-13639 | edmonparker Read More & Accordion Plugin up to 3.4.2 on WordPress expmDeleteData authorization(link is external)

VulDB Recent Entries
5 months 1 week ago
A vulnerability was found in edmonparker Read More & Accordion Plugin up to 3.4.2 on WordPress. It has been declared as problematic. This vulnerability affects the function expmDeleteData. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-13639. The attack can be initiated remotely. There is no exploit available.
vuldb.com

攻击DeepSeek的僵尸网络HailBot的三个变种分析(link is external)

FreeBuf互联网安全新媒体平台
5 months 1 week ago
1          概述安天CERT在2月5日发布了《攻击DeepSeek的相关僵尸网络样本分析》报告,分析了攻击中活跃的两个僵尸网络体系RapperBot和HailBot和其典型样本,分析了其与Mirai僵尸木马源代码泄漏的衍生关系。安天工程师依托特征工程机制,进一步对HailBot僵尸网络样本集合进行了更细粒度差异比对,在将样本向控制台输出的字符串作为分类标识条件的比对中,发现部分样本修改了

Managed ad