Category: Security

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as...

An Unofficial Patch Has Been Released for Actively Exploited Windows MoTW Zero-Day
There is an unofficial patch from 0patch for a zero-day flaw in Microsoft Windows that allows bypassing the MotW (Mark-of-the-Web) protections built into the operating system, and at the moment it is being actively exploited. By utilizing files signed with malformed...

Growing into the Synack Red Team
Mohammad Jassim is a 17-year-old member of the Synack Red Team. In 2017, I was that rare seventh grader who had Ubuntu installed on their laptop. Typing “sudo apt-get install software-center” every chance I got boosted my ego – I...

APT trends report Q3 2022
For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research, and they provide a representative snapshot...

World’s Leading Copper Producer Aurubis Suffers Crippling Cyberattack
A cyberattack caused Europe’s largest copper producer and the world’s second-largest copper recycler, Aurubis, to shut down its IT systems. The company, which claims to produce more than one million tons of copper cathodes annually, revealed the incident occurred last...

Juniper JunOS RCE Flaw Let Unauthenticated Remote Attacker Execute Code
The J-Web component of Juniper Networks’ Junos OS has been discovered to contain a number of vulnerabilities, one or more of which may allow remote code execution, cross-site scripting attacks, route injection, traversal, or local file inclusion. According to Octagon...

Fodcha DDoS Botnet Resurfaces with New Capabilities
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a...

Synack Expands Security Platform with Adversarial API Pentesting
Synack, the premier security testing platform, has launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a...

APT10: Tracking down LODEINFO 2022, part II
In the previous publication ‘Tracking down LODEINFO 2022, part I’, we mentioned that the initial infection methods vary in different attack scenarios and that the LODEINFO shellcode was regularly updated for use with each infection vector. In this article, we...

APT10: Tracking down LODEINFO 2022, part I
Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any attacks utilizing those new variants. LODEINFO is sophisticated fileless malware first named in a blogpost from JPCERT/CC in February 2020....

Active Raspberry Robin Worm Launches ‘Hands-on-Keyboard’ Attacks To Hack Entire Networks
During recent research, Microsoft has discovered evidence of a complex, interconnected malware ecosystem associated with the Raspberry Robin worm. Several root links between the Raspberry Robin worm and other malware families were identified. Even security experts...

Researchers hack SpaceX Starlink satellite signal for GPS alternative
Researchers at the University of Texas at Austin hacked SpaceX’s Starlink satellite signal to use it as a GPS alternative, without help or support from Elon Musk’s company. For your information, GPS (global positioning system) is a group of 31 satellites...