Category: Security

Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use...

Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1
Other than Windows 11, Microsoft Teams and Mozilla Firefox, Oracle Virtualbox, Ubuntu Desktop, and Safari browser were also hacked on day one of PWN2OWN 2022 in Vancouver. Pwn2Own is a hacking contest where white hate hackers come forward and compete...

Microsoft Warns of Malware Campaign Targeting SQL Servers Using Brute Force
The United States Department of Homeland Security has issued a threat advisory regarding brute-forcing attacks aimed at exploiting weak passwords used on Microsoft SQL Server (MSSQL) database servers exposed to the internet. It is clear that the intrusions analyzed by...

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low...

Kali Linux 2022.2 Release With New Hacking Tools & Updates
A new version of Kali Linux 2022.2 with new hacking tools was released, and there are a number of upgrades included in this release, all of which are available for download or updating instantly. For over a decade, offensive security...

US Warns Firms About North Korean Hackers Posing as IT Workers
US government has warned organizations to beware of hackers in the guise of IT freelancers claiming to be non-DPRK (Democratic People’s Republic of Korea) nationals. According to an advisory issued by the United States State and Treasury Departments and the Federal Bureau...

Understanding Public and Private Bug Bounties and Vulnerability Disclosure Programs
How Are Bug Bounty Programs and Vulnerability Disclosure Programs Different? Let’s start with the similarities. Both bug bounties and VDPs aim to collect vulnerability reports from third parties. These third parties can be security researchers, ethical hackers, partners, customers, or...

How to Protect Your Data When Ransomware Strikes
Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a...

KurayStealer – Tool Sold to Criminals that Have Password Stealing and Screenshot Capabilities
There was an advertisement by a discord user with the handle “Portu” that exploded over the internet on April 23rd, 2022 for a new password-stealing malware builder. It is a sort of program that enables so-called script kiddie hackers, to...

New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer
Microsoft has discovered a new Sysrv botnet variant deploying cryptocurrency miners on Windows and Linux systems. The Microsoft Security Intelligence team posted a series of tweets on their official Twitter handle (@MsftSecIntel) to reveal startling details on the new variant of the...

Hackers Exploiting a Critical Vulnerability in Zyxel Firewall & VPN Devices
Several hackers have newly begun exploiting a recently patched critical vulnerability, identified as CVE-2022-30525, which is affecting business firewall and VPN devices from Zyxel. In response to this vulnerability, the cybersecurity experts at Rapid7 have discovered that a number of...

Evaluation of cyber activities and the threat landscape in Ukraine
Introduction When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in the cyber domain did not match their predictions[1]. Since the beginning of the fighting, new cyberattacks taking place in Ukraine...