New RIG Exploit Kit Campaign Infecting Victims’ PCs with RedLine Stealer
A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine...
Tagged: exploit
New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt
A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been...
Java Spring4Shell flaw exploit attempts: These are the industries most affected
The sector most heavily impacted by the Spring4Shell Java flaw is technology, according to security firm Check Point. Spring4Shell is a bug worth paying...
Chrome and Edge hit with V8 type confusion vulnerability with in-the-wild exploit
Image: slyellow/Shutterstock Google is urging users on Windows, macOS, and Linux to update Chrome builds to version 99.0.4844.84, following the discovery of a vulnerability...
New Exploit Bypasses Existing Spectre-v2 Mitigations in Intel, AMD, Arm CPUs
Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm and...
Some ‘Smol’ NFTs returned after Treasure marketplace exploit leads to theft
Hackers who exploited a vulnerability in NFT marketplace Treasure began returning most of the “Smol Brain” and “Legion” NFTs they stole on Thursday. The...
Hackers Exploit Bug in SMS Verification Services to Infect Android Devices
An analysis of SMS phone-verified account (PVA) services has led to the discovery of a rogue platform built atop a botnet involving thousands of...
Application Security / Audits / Cloud Security / Data Protection / Email Security / Endpoint Security / Fraud & Identity Theft / Identity & Access / Incident Response / Malware / Network Security / NEWS & INDUSTRY / Phishing / Risk Management / Virus & Malware / Vulnerabilities
Project Zero: Zoom Platform Missed ASLR Exploit Mitigation
A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation,...
Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor
An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented...
Report: Increased Log4J exploit attempts leads to all-time peak in weekly cyberattacks per org
Cybersecurity firm Check Point Research has released new data from 2021 showing that among their customers, there was a significant increase in overall cyberattacks...