Lucene search
+L

213 matches found

Cvelist
Cvelist
added 2024/01/10 5:6 p.m.45 views

CVE-2023-29444 Uncontrolled Search Path Element in PTC's Kepware KEPServerEX

An uncontrolled search path element vulnerability DLL hijacking has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their...

6.3CVSS7.8AI score0.00171EPSS
Exploits0References2
hivepro
hivepro
added 2023/11/27 5:47 a.m.26 views

Lazarus Group Orchestrates Supply Chain Attack on CyberLink Corp

Summary: The Lazarus Group Labyrinth Chollima orchestrated a supply chain attack on CyberLink Corp., manipulating a legitimate application installer to impact over 100 devices globally. The attack involves a second-stage payload, labeled LambLoad, communicating with compromised infrastructure and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/23 5:46 a.m.80 views

N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack

A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. "This malicious file is a...

9.8CVSS9.9AI score0.99979EPSS
Exploits17
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/11/22 5:0 p.m.59 views

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet ZINC involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitima...

7.5CVSS7.2AI score0.99979EPSS
Exploits17
Microsoft Secure
Microsoft Secure
added 2023/11/22 5:0 p.m.66 views

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet ZINC involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitima...

7.5CVSS7.2AI score0.99979EPSS
Exploits17
The Hacker News
The Hacker News
added 2023/10/18 2:51 p.m.47 views

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

The North Korea-linked Lazarus Group aka Hidden Cobra or TEMP.Hermit has been observed using trojanized versions of Virtual Network Computing VNC apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. "The threat actor...

7AI score
Exploits0
Securelist
Securelist
added 2023/08/30 10:0 a.m.101 views

IT threat evolution in Q2 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. Mobile statistics Targeted attacks Gopuram backdoor deployed through 3CX supply-chain attack Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program, w...

7.5CVSS10AI score0.99999EPSS
Exploits73
The Hacker News
The Hacker News
added 2023/08/22 10:12 a.m.39 views

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/27 1:12 p.m.40 views

New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/13 1:0 a.m.53 views

Zero-day deploys remote code execution vulnerability via Word documents

An unpatched zero-day vulnerability is currently being abused in the wild, targeting those with an interest in Ukraine. Microsoft reports that CVE-2023-36884 is tied to reports of: …a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of...

6.8CVSS7.5AI score0.98998EPSS
Exploits3
Microsoft Secure
Microsoft Secure
added 2023/07/11 5:30 p.m.51 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

8AI score0.98998EPSS
Exploits3
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/07/11 5:30 p.m.74 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

6.8CVSS8AI score0.98998EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/06/22 1:13 p.m.4 views

Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack

Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking , a new study has revealed. This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report. The...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/29 12:15 p.m.54 views

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

A crypter alternatively spelled cryptor malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/09 1:29 p.m.4 views

Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps

A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that has been ongoing since October 2021. Slovak cybersecurity firm ESET is tracking the series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/06 11:24 a.m.30 views

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

An advanced persistent threat APT actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/22 6:46 a.m.2 views

Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized XTRADER application. The new...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/21 9:55 a.m.121 views

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the...

8.8CVSS8.4AI score0.23546EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/11 12:29 p.m.2 views

Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers,...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/30 6:31 a.m.42 views

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream...

6.4AI score
Exploits0
Rows per page
Query Builder