CyberArk

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

March 31, 2022 A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack. The attack is made possible, thanks to a vulnerability in its remote keyless system (CVE-2022-27254) that affects …

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles Read More »

Improve Your Hacking Skills with 9 Python Courses for Just $39

March 31, 2022 For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the “soft” side of cybersecurity — like scraping the web for compromised data and detecting bugs.  Featuring nine full-length video courses, The …

Improve Your Hacking Skills with 9 Python Courses for Just $39 Read More »

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

March 31, 2022 The LAPSUS$ data extortion gang announced their return on Telegram after a week-long “vacation,” leaking what they claim is data from software services company Globant. “We are officially back from a vacation,” the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images …

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data Read More »

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

March 31, 2022 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords. “Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal …

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices Read More »

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances

March 31, 2022 SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition. Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface …

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances Read More »

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

March 30, 2022 A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021. “Transparent Tribe has been a highly active APT group in the Indian subcontinent,” Cisco Talos researchers said in an analysis shared …

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials Read More »

Privid: A Privacy-Preserving Surveillance Video Analytics System

March 30, 2022 A group of academics has designed a new system known as “Privid” that enables video analytics in a privacy-preserving manner to combat concerns with invasive tracking. “We’re at a stage right now where cameras are practically ubiquitous. If there’s a camera on every street corner, every place you go, and if someone …

Privid: A Privacy-Preserving Surveillance Video Analytics System Read More »

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

March 30, 2022 Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks. The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and older. It relates to …

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation Read More »

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners

March 30, 2022 An unidentified threat actor has been observed employing a “complex and powerful” malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens. “The evidence found on victim networks appears to indicate that the goal of the attacker was to install cryptocurrency …

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners Read More »

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

March 30, 2022 Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an “advanced multi-layered virtual machine” used by the malware to fly under the radar. Wslink, as the malicious loader is called, was first documented by Slovak cybersecurity company …

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation Read More »

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.