SSLoad Malware Combined with Tools Hijacks Entire Network Domain
The FROZEN#SHADOW attack campaign employs SSLoad malware alongside Cobalt Strike Implants to seize control of the entire network. Additionally, threat actors utilize Remote Monitoring and Management (RMM) software like ScreenConnect [...]
Cactus Ransomware Exploits Vulnerability in Qlik Servers
Since November 2023, the Cactus ransomware gang has been exploiting vulnerable Qlik Sense servers, leveraging multiple vulnerabilities including CVE-2023-41266 (Path Traversal), CVE-2023-41265 (HTTP Request Tunneling), and CVE-2023-48365 (Unauthenticated Remote Code [...]
Hackers exploit Autodesk Drive to host weaponized PDF files
Autodesk Drive serves as a cloud-based data-sharing platform for organizations, facilitating document and file sharing. It accommodates various file formats, including 2D and 3D data files such as PDFs, accessible [...]
GuptiMiner Exploits eScan to Distribute Miners and Backdoors
Avast researchers recently uncovered GuptiMiner, an aged malware. It leverages the eScan antivirus update system to surreptitiously implant backdoors and cryptocurrency mining software into users’ computers and extensive corporate networks. [...]
Urgent: GitLab Flaw Allows Account Takeover – Act Now
GitLab has issued security patches (16.11.1, 16.10.4, and 16.9.6) for both Community and Enterprise Editions, emphasizing the importance of upgrading to these versions to mitigate vulnerabilities. Scheduled bi-monthly patch releases [...]
Get Social