Aggregator

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads," HP Wolf Security said in its Threat Insights Report

2025年1月16日 19:09软件资讯3.63K #科技资讯 网传支付宝出现 P0 级事故，任意类型的付款均自动叠加国补优惠 20%，甚至转账 4000 元都自动优惠 800 元。微博

阅读： 11、漏洞概述近日，绿盟科技监测到Rsync发布安全公告，修复了Rsync中的缓冲区溢出与信息泄露漏洞（CVE-2024-120

AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability on cnPilot routers and used RC4 encryption for sample strings.  After a brief pause in September, the botnet reappeared in October with the name kitty and was updated again in November as AIRASHI.  The current […]

The post AIRASHI Botnet Exploiting 0-Day Vulnerabilities In Large Scale DDoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Данные более 24 млн гостей отелей находились в открытом доступе, предоставив плацдарм для мошенничеств.

A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that goes by “Belsen_Group”, supposedly as a free offering to solidify the name of the group in the forum users’ memory. The leaked 1.6 GB archive contains folders ordered by country, and inside each are folders named … More →

The post Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? appeared first on Help Net Security.

2024 has been an event

Key DataThreat actors immediately target new Truth Social users — Netcraft received more t

Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.

Botnets are the networks of compromised devices that have evolved significantly since the internet’s inception. Threat actors exploit vulnerabilities to control these devices remotely by leveraging them for malicious activities.  These activities range from spamming to launching devastating distributed denial-of-service (DDoS) attacks, as the decentralized nature of botnets presents significant challenges to defenders.  By orchestrating […]

The post New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

MikroTik botnet relies on DNS misconfiguration to spread malware

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware. In late November, the experts spotted a malspam campaign impersonating DHL which used emails about […]

The Federal Trade Commission (FTC) has announced that it will require GoDaddy Inc. to develop and implement a comprehensive information security program. This decision comes in response to allegations that the prominent web hosting company has consistently failed to adequately secure its services, risking the safety of millions of customers who rely on its platform. […]

The post FTC Slams GoDaddy For Not Implement Standard Security Practices Following Major Breaches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, was found in WAGO 750-8100 Controller PFC100, 750-831 Controller BACnet, IP, 750-880 Controller ETH and 750-889 Controller KNX IP up to 02.05.23(08). This affects an unknown part. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2018-25108. It is possible to initiate the attack remotely. There is no exploit available.