New Karma ransomware group likely a Nemty rebrand

Sentinel Labs found evidence of Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang.

Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used to execute untrusted code and affects stable release branches 3.x and 2.x of Squirrel.

PurpleFox Adds New Vulnerability Exploit, Rootkit Capabilities, and .NET Backdoor

The new backdoor leverages WebSockets to communicate with its command-and-control (C&C) servers, resulting in a more robust and secure means of communication compared to regular HTTP traffic.

Microsoft fixes Surface Pro 3 TPM bypass with public exploit code

Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets that could enable threat actors to introduce malicious devices within enterprise environments.

Multiple vulnerabilities discovered in ZTE's LTE routers

Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. An attacker could exploit these by sending a specially crafted HTTP request to the targeted device.

Node.js was vulnerable to a novel HTTP request smuggling technique

The maintainers of Node.js have patched two HTTP request smuggling (HRS) vulnerabilities in the JavaScript runtime environment, including one found using what appears to be a new HRS technique.

Chinese Actors Use MysterySnail RAT to Exploit Windows Zero-day

Kaspersky unearthed a cyberespionage campaign exploiting a zero-day flaw in Windows to deliver MysterySnail malware and steal data. A connection to a Chinese-speaking APT was also established. Experts recommend organizations stay proactive and ready with adequate security measures.

Microsoft asks admins to patch PowerShell to fix WDAC bypass

By exploiting the WDAC security bypass vulnerability tracked as CVE-2020-0951, threat actors can execute PowerShell commands that would otherwise be blocked when WDAC is enabled.

Injection vulnerabilities in popular WordPress plugin could expose credentials, allow admin access

The security flaws in the Fastest Cache plugin, which has more than one million active downloads, were discovered during an internal audit of the software by Jetpack Security.

BlackByte: Free Decryptor Released for Ransomware Strain

Unfortunately, the underlying encryption problem in BlackByte is likely in the process of already being fixed by the malware's developer, says Karl Sigler of Trustwave SpiderLabs.
