Hot Topics

cybersecurity threats

DarkGate Malware Campaign Exploits Patched Microsoft Flaw

| | Advanced persistent threat (APT), Cyber Attack Mitigation, Cybersecurity News, cybersecurity threats, DarkGate Malware, DLL Sideloading, Exploit Techniques, Malicious Software Installers, Malware Analysis, Microsoft Flaw, patch management, Phishing Campaigns, Trend Micro, Water Hydra, Zero Day Initiative (ZDI)
The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. CVE-2024-21412 was the Microsoft patch that was exploited ...
TuxCare

LockBit Ransomware Resurgence After Law Enforcement Takedown

| | cybercrime, Cybersecurity News, cybersecurity threats, dark web, Data breaches, encryption, law enforcement, LockBit ransomware, Operation Cronos, Ransomware-as-a-Service (RaaS), Tor Network
LockBit ransomware, which has also been known as “ABCD,” has resurfaced on the dark web despite being dealt with strictly by the global law enforcement task force. This development of LockBit ransomware ...
TuxCare

New SSH-Snake Worm-Like Tool Threatens Network Security

| | Cyber Threats, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, enterprise security, Linux & Open Source News, open source, self-modifying worm, SSH malware, ssh private keys, SSH security, SSH-Snake, SSH-Snake malware, SSH-Snake worm, Sysdig Threat Research Team
The Sysdig Threat Research Team (TRT) discovered that a threat actor is leveraging an open-source network mapping tool called SSH-Snake for malicious activities. This tool utilizes SSH credentials found on the compromised ...
TuxCare

VMWare Urges Users to Uninstall EAP Immediately

| | CVE-2024-22245, CVE-2024-22250, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, Enhanced Authentication Plugin, enterprise security, Linux & Open Source News, security, security vulnerabilites, Virtualization, VMware
VMware has issued a no-patch advisory urging users to take swift action by removing the deprecated Enhanced Authentication Plug-in (EAP). EAP was deprecated nearly three years ago, in March 2021, with the ...
TuxCare

SmartScreen Vulnerability Exploited To Target Traders

| | CVE-2024-21412, Cybersecurity Measures, Cybersecurity News, cybersecurity threats, DarkMe Malware, Financial Market Traders, microsoft defender, phishing campaign, SmartScreen Vulnerability, Water Hydra APT, Zero-day Exploit
A cybersecurity firm has recently detected a flaw in the Microsoft Defender SmartScreen and is terming it a zero-day threat. The target devices are infected with highly dangerous DarkMe malware through this ...
TuxCare

Bumblebee Malware Targets US Businesses With New Methods

| | Advanced Attack Methods, BazaLoader Syndicate, Bumblebee Malware, cyber threat actors, Cybersecurity Measures, Cybersecurity News, cybersecurity threats, malware attacks, Ransomware Payloads, US Enterprises, Voicemail-themed Emails
A recent report revealed that, four months after its sudden disappearance, the notorious Bumblebee malware has emerged once again with different US-based organizations as its target.  It was observed that a number ...
TuxCare

Roundcube Webmail Vulnerability Under Exploitation, Patch Now

| | CISA Advisory, cisa known exploited vulnerabilities, cisa known exploited vulnerabilities catalog, CISA Threat Update, CVE-2023-43770, Cybersecurity, cybersecurity threats, enterprise security, Linux & Open Source News, Roundcube Webmail, Roundcube Webmail Vulnerability, security patches, security vulnerabilites
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this issue is a persistent cross-site scripting (XSS) ...
TuxCare

Volt Typhoon Malware: US Critical Infrastructure Breached

| | Advanced Persistent Threats, APTs, China's embassy, Chinese state-sponsored hacking group, cisa, Citizen Lab, collaboration, CrowdStrike report, Cybersecurity, Cybersecurity News, cybersecurity threats, defense mechanisms, FBI, Five Eyes alliance, influence campaign, LotL techniques, multi-hop proxies, nsa, operational security, PAPERWALL, Reuters, The Hacker News, US critical infrastructure, Volt Typhoon
In a recent revelation, the U.S. government disclosed that the Chinese state-sponsored hacking group, Volt Typhoon has surreptitiously infiltrated critical infrastructure networks within the country for a staggering five-year period. This embedded ...
TuxCare

Unrestricted Code Execution

| | Article Series, code execution, Cybersecurity, cybersecurity threats, Phishing, Top top 10 cybersecurity misconfigurations
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In ...
TuxCare

FritzFrog Botnet Strikes Back Exploiting Log4Shell Vulnerability

| | Akamai, botnet, Botnet Tactics, CVE-2021-44228, cybersecurity threats, enterprise security, FritzFrog, FritzFrog botnet, Golang-based Botnet, Linux & Open Source News, Log4Shell Vulnerability, P2P botnet, PwnKit vulnerability, SSH malware
A new variant of the sophisticated botnet “FritzFrog” has emerged, leveraging the Log4Shell vulnerability for propagation. Despite more than two years passing since the Log4j flaw was discovered, attackers continue to exploit ...
TuxCare
Load more