
Misconfigured Windows Servers Are Contributing To DDoS Attacks, Researchers Warn
Posted on November 3, 2022 at 6:37 AM
Security researchers at Black Lotus Labs have discovered that Windows Server misconfigurations have left servers at risk of being hit by distributed denial of service (DDoS) attacks. Already, organizations are falling...

SandStrike Spyware Infecting Android Devices through VPN Apps
Did you know 38% of VPN apps on Google Play Store are plagued with malware? Nonetheless, the IT security researchers at Kaspersky have discovered that threat actors are increasingly relying on SandStrike spyware that is specifically impacting Android devices. The...

Hacker AFK: the_arch_angel
Today’s hacker: the_arch_angel
JXoaT: What was your first experience with hacking growing up?
the_arch_angel: I actually didn’t do any hacking growing up. It wasn’t until post-college that I started showing interest in computer security. Growing up, I had seen movies with...

Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. “These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain...

Server-side attacks, C&C in public clouds and other MDR cases we observed
Introduction This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. We hope that learning about the attacks that took...

How I Found My Next Mission In Cybersecurity
Trevor Granger is a Technical Manager in Operations, Federal. He has 18 years of service and is currently in Officer Training School for the Air Force. I was a freshman in high school when September 11th, 2001 happened. I will...

Leaked Amazon Prime Video Server Exposed Users' Viewing Habits
Remember when a Chinese server leaked 7GB worth of data including fake Amazon reviews? Well now, an Elasticsearch database dubbed Sauron was left unprotected in cyberspace without any security authentication. According to security researcher Anurag Sen, the database was stored...

Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones
A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones. The now patched vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep...

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as...

An Unofficial Patch Has Been Released for Actively Exploited Windows MoTW Zero-Day
There is an unofficial patch from 0patch for a zero-day flaw in Microsoft Windows that allows bypassing the MotW (Mark-of-the-Web) protections built into the operating system and that is currently being actively exploited. By utilizing files signed with malformed...

Growing into the Synack Red Team
Mohammad Jassim is a 17-year-old member of the Synack Red Team. In 2017, I was that rare seventh grader who had Ubuntu installed on their laptop. Typing “sudo apt-get install software-center” every chance I got boosted my ego – I...

APT trends report Q3 2022
For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research, and they provide a representative snapshot...