Category: Security

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as...

/ November 1, 2022
An Unofficial Patch Has Been Released for Actively Exploited Windows MoTW Zero-Day

There is an unofficial patch from 0patch for a zero-day flaw in Microsoft Windows that allows bypassing the MotW (Mark-of-the-Web) protections built into the operating system, and at the moment it is actively exploited. By utilizing files signed with malformed...

/ November 1, 2022
Growing into the Synack Red Team

Mohammad Jassim is a 17-year-old member of the Synack Red Team.  In 2017, I was that rare seventh grader who had Ubuntu installed on their laptop. Typing “sudo apt-get install software-center” every chance I got boosted my ego – I...

/ November 1, 2022
APT trends report Q3 2022

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot...

/ November 1, 2022
World’s Leading Copper Producer Aurubis Suffers Crippling Cyberattack

A cyberattack caused Europe’s largest copper producer and the world’s second-largest copper recycler, Aurubis, to shut down its IT systems. The company that claims to produce more than one million tons of copper cathodes annually revealed the incident occurred last...

/ October 31, 2022
Juniper JunOS RCE Flaw Let Unauthenticated Remote Attacker Execute Code

The J-Web component of Juniper Networks’ Junos OS has been discovered to contain a number of vulnerabilities, one or more of which may allow remote code execution, cross-site scripting attacks, route injection, traversal, or local file inclusion. According to Octagon...

/ October 31, 2022
Fodcha DDoS Botnet Resurfaces with New Capabilities

The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a...

/ October 31, 2022
Synack Expands Security Platform with Adversarial API Pentesting

Synack, the premier security testing platform, has launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a...

/ October 31, 2022
APT10: Tracking down LODEINFO 2022, part II

In the previous publication ‘Tracking down LODEINFO 2022, part I‘, we mentioned that the initial infection methods vary in different attack scenarios and that the LODEINFO shellcode was regularly updated for use with each infection vector. In this article, we...

/ October 31, 2022
APT10: Tracking down LODEINFO 2022, part I

Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any attacks utilizing those new variants. LODEINFO is sophisticated fileless malware first named in a blogpost from JPCERT/CC in February 2020....

/ October 31, 2022
Active Raspberry Robin Worm Launch a ‘Hands-on-Keyboard’ Attacks To Hack Entire Networks

During recent research, Microsoft has discovered evidence of a complex interconnected malware ecosystem that is associated with the Raspberry Robin worm. Several root links between the Raspberry Robin worm and other malware families were identified. Even security experts...

/ October 31, 2022
Researchers hack SpaceX Starlink satellite signal for GPS alternative

The University of Texas at Austin researchers hacked SpaceX’s Starlink Satellite’s Signal to use it as a GPS alternative without help or support from Elon Musk’s company. For your information, GPS (global positioning system) is a group of 31 satellites...

/ October 30, 2022