Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft released fixes for a Windows zero-day and a publicly disclosed vulnerability on October Patch Tuesday but security updates for two Exchange Server zero-days discovered last month are still in [...]
Researchers Detail Malicious Tools Used by Cyberespionage Group Earth Aughisky
A brand new piece of analysis has detailed the more and more refined nature of the malware toolset employed by a sophisticated persistent risk (APT) group named Earth Aughisky. Earth Aughisky [...]
Unpatched RCE Vulnerability in Zimbra Actively Exploited
Zimbra-CVE-2022-41352 is an unpatched remote code execution vulnerability in Zimbra Collaboration Suite discovered in the wild due to active exploitation. The vulnerability is due to the method (cpio) in which Zimbra’s antivirus [...]
LilithBot Malware, a new MaaS offered by the Eternity Group
Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group. What is LilithBot Malware? LilithBot, a multipurpose malware sample, was found by ThreatLabz. Further investigation [...]
Hackers Can Use ‘App Mode’ in Chromium Browsers’ for Stealth Phishing Attacks
In what’s a new phishing technique, it has been shown that the Application Mode attribute in Chromium-primarily based web browsers can be abused to generate “real looking desktop phishing applications.” [...]
Get Social