3975 matches found
Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest...
New Bandook RAT Variant Resurfaces, Targeting Windows Machines
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware ...
Kimsuky Group’s Intriguing Exploits with AppleSeed Malware
Summary: The Kimsuky group has been actively utilizing weaponized LNK files to deploy the AppleSeed malware. While the group typically relies on spear-phishing attacks for initial access, their recent campaigns have prominently featured the use of shortcut-type malware in LNK file format. AppleSe...
Fee-on-transfer/rebasing tokens will have problems when swapping
Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the perceived authenticity of the initial malicious emails," cybersecurity firm Abnormal Security said in a...
New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages MIPS architecture, broadening its...
DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software
A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed...
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. "Among the most prominent changes is the shift to Rust language,...
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet ZINC involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitima...
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet ZINC involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitima...
CVE-2023-5055
Possible variant of CVE-2021-3434 in function leecredreconfreq...
Design/Logic Flaw
Possible variant of CVE-2021-3434 in function leecredreconfreq...
CVE-2023-5055 L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
Possible variant of CVE-2021-3434 in function leecredreconfreq...
CVE-2023-5055
CVE-2023-5055 is a Zephyr RTOS L2CAP issue described as a possible variant of CVE-2021-3434 in the function le_ecred_reconf_req. The connected sources provide concrete details that CVE-2021-3434 is a stack-based buffer overflow in le_ecred_conn_req affecting Zephyr versions >= 2.5.0, and that ...
Jupyter Infostealer Returns with New Addition to Its Arsenal
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Jupyter Infostealer is a malware variant initially discovered in late 2020. Since then, it has undergone continued evolution, altering its delivery methods and techniques to avoid detection and establish...
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using...
IBM X-Force Discovers Gootloader Malware Variant- GootBot
By Deeba Ahmed GootBot: New Gootloader Variant Evades Detection with Stealthy Lateral Movement. This is a post from HackRead.com Read the original post: IBM X-Force Discovers Gootloader Malware Variant- GootBot...
F5 Networks BIG-IP : SSB Variant 4 vulnerability (K29146534)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K29146534 advisory. - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the...
F5 Networks BIG-IP : RSRE Variant 3a vulnerability (K51801290)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K51801290 advisory. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may...
CLSA-2023-1697740212 glib2: Fix of 5 CVEs
Enable internal tests - Skip several failed tests from the check - CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant...