Month: October 2022

World’s Leading Copper Producer Aurubis Suffers Crippling Cyberattack

A cyberattack caused Europe’s largest copper producer and the world’s second-largest copper recycler, Aurubis, to shut down its IT systems. The company that claims to produce more than one million tons of copper cathodes annually revealed the incident occurred last...

October 31, 2022

Juniper JunOS RCE Flaw Let Unauthenticated Remote Attacker Execute Code

The J-Web component of Juniper Networks’ Junos OS has been discovered to contain a number of vulnerabilities, one or more of which may allow remote code execution, cross-site scripting attacks, route injection, traversal, or local file inclusion. According to Octagon...

October 31, 2022

Fodcha DDoS Botnet Resurfaces with New Capabilities

The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a...

October 31, 2022

Synack Expands Security Platform with Adversarial API Pentesting

Synack, the premier security testing platform, has launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a...

October 31, 2022

APT10: Tracking down LODEINFO 2022, part II

In the previous publication ‘Tracking down LODEINFO 2022, part I’, we mentioned that the initial infection methods vary in different attack scenarios and that the LODEINFO shellcode was regularly updated for use with each infection vector. In this article, we...

October 31, 2022

APT10: Tracking down LODEINFO 2022, part I

Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any attacks utilizing those new variants. LODEINFO is sophisticated fileless malware first named in a blogpost from JPCERT/CC in February 2020....

October 31, 2022

Twilio Revealed Another Breach On Its Server From The Same Group

Posted on October 31, 2022 at 8:41 AM. U.S. communications service provider Twilio recently disclosed that it suffered another cyber attack carried out by the same threat actors behind the August hack that led to the unauthorized access of customers’...

October 31, 2022

Active Raspberry Robin Worm Launch a ‘Hands-on-Keyboard’ Attacks To Hack Entire Networks

During recent research, Microsoft has discovered evidence of a complex interconnected malware ecosystem that is associated with the Raspberry Robin worm. Several root links between the Raspberry Robin worm and other malware families were identified. Even security experts...

October 31, 2022

Chinese APT10 Hackers Are Planting LODEINFO Malware In Antivirus Software

Posted on October 30, 2022 at 8:16 PM. This Chinese Cicada hacking group has been discovered abusing antivirus security software to install a new version of the LODEINFO malware against Japanese organizations. The hacking group, tracked as APT10, was observed...

October 30, 2022

Researchers hack SpaceX Starlink satellite signal for GPS alternative

The University of Texas at Austin researchers hacked SpaceX’s Starlink Satellite’s Signal to use it as a GPS alternative without help or support from Elon Musk’s company. For your information, GPS (global positioning system) is a group of 31 satellites...

October 30, 2022

Drinik Malware With Advanced Capabilities Targeting 18 Indian Banks

Drinik Android trojan is using a new version to target 18 Indian banks, posing as the app used by the country to manage tax payments. The main aim of these criminals is to steal personal and bank account information from...

October 30, 2022

RomCom RAT Distributed as Spoofed Versions of Popular IP Scanning Tool

The threat actor behind a remote access trojan, ‘RomCom RAT’, is now targeting Ukrainian military institutions. The threat actors are known to spoof legitimate apps like ‘Advanced IP Scanner’ and ‘PDF Filler’ to drop backdoors on compromised systems. Reports say...

October 29, 2022