Social Engineering Based on Stimulus Bill and COVID-19 Financial Compensation Schemes Expected to Grow in Coming Weeks

Given the community interest and media coverage surrounding the economic stimulus bill currently being considered by the United States House of Representatives, we anticipate attackers will increasingly leverage lures tailored to the new stimulus bill and related recovery efforts such as stimulus...

[SECURITY] [DSA 4647-1] bluez security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4647-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 26, 2020 https://www.debian.org/security/faq -...

March 2020 - Professional Services and the Media Industry

In today's ever-shifting market, we recognize that you need to be constantly adapting, and Akamai provides a way to enhance your customers' experiences through our unique expertise, helping you unlock the value of Akamai's products and services. Professional Services' primary mission is to drive...

Debian DSA-4642-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4642. The text itself is copyright C...

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

Cyber Criminals using Coronavirus Fears to Spread Information-Stealing Malware

Cyber criminals have been leveraging trending cultural and viral news items that drive interest from millions of individuals as mechanisms to target and distribute malware easily and effectively. In the past, cyber criminals have used topics including international sports championships, celebrity...

SQL Injection Vulnerability in Guangzhou Sanjin Network Technology Co.

Guangzhou Sanjin Network Technology Co., Ltd. company is a high-tech technology enterprises in Guangdong Province was founded in May 2014, is the enterprise WeChat distribution platform, website construction service providers. Guangzhou Sanjin Network Technology Co., Ltd. website building system...

Install Go tools from modules with brew-gomod

As of Go 1.14, modules are ready for production. Compared to GOPATH, they make it much easier to keep workspaces clean by managing dependencies out of sight, and by letting you clone projects anywhere. However, there is no good way to simply install a Go binary from source, yet. The core reason f...

Debian DSA-4639-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4639. The text...

[SECURITY] [DSA 4639-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4639-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 11, 2020 https://www.debian.org/security/faq -...

Mokes and Buerak distributed under the guise of security certificates

The technique of distributing malware under the guise of legitimate software updates is not new. As a rule, cybercriminals invite potential victims to install a new version of a browser or Adobe Flash Player. However, we recently discovered a new approach to this well-known method: visitors to...

Install Python for Windows

This module places an embeddable Python3 distribution onto the target file system, granting pentesters access to a lightweight Python interpreter. This module does not require administrative privileges or user interaction with installation prompts. This module requires Metasploit:...

[SECURITY] Fedora 31 Update: golang-vitess-3.0-4.20190701git948c251.fc31

Vitess is a database clustering system for horizontal scaling of MySQL thro ugh generalized sharding. By encapsulating shard-routing logic, Vitess allows application code and database queries to remain agnostic to the distribution of data onto multip le shards. With Vitess, you can even split and...

Roaming Mantis, part V

Kaspersky has continued to track the Roaming Mantis campaign. The group's attack methods have improved and new targets continuously added in order to steal more funds. The attackers' focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis...

ObliqueRAT: New RAT hits victims' endpoints via malicious documents

By Asheer Malhotra. Cisco Talos has observed a malware campaign that utilizes malicious Microsoft Office documents maldocs to spread a remote access trojan RAT we're calling "ObliqueRAT." These maldocs use malicious macros to deliver the second stage RAT payload. This campaign appears to target...

[SECURITY] Fedora 30 Update: texlive-base-20180414-37.fc30

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

Supporting COVID-19 Vaccine Rollouts with Vaccine Edge

Global efforts to produce and distribute the COVID-19 vaccine continue to race ahead. But in many cases, that race is an uphill climb. Beyond the challenges in making enough of the vaccine, educating the public, and the logistics of distributing the doses, there is a new challenge. Bots...

Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root

Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative 'root' privileges on Linux or macOS systems. Sudo is one of the mos...

As Necurs Botnet Falls from Grace, Emotet Rises

A mid-January spam campaign by criminals behind the popular Necurs botnet shows a dramatic drop in skill and savvy by perpetrators. In a shift from sending sophisticated messages with lethal payloads, Necurs botnets are now peddling get-rich-quick spam messages in what researchers are calling...