CyberArk

Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers

November 11, 2023 Cybersecurity researchers have discovered a stealthy backdoor named Effluence that’s deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. “The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence,” Aon’s Stroz Friedberg Incident Response Services said in an analysis published …

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors

November 11, 2023 A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, …

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan

November 11, 2023 Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the …

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

November 10, 2023 The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers. The …

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

November 10, 2023 A new malvertising campaign has been found to employ fake sites that masquerade as a legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. “This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in …

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules

November 10, 2023 While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution …

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel

November 10, 2023 Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. “The framework’s web component is written in the Go programming language,” Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been attributed to MuddyWater, an Iranian …

Article posted by: https://thehackernews.com/2023/11/muddyc2go-new-c2-framework-iranian.html

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

November 10, 2023 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS …

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

November 9, 2023 Cybersecurity researchers have developed what’s the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim’s environment without attracting any attention. “While this …

WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls

November 9, 2023 Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called “Protect IP Address in Calls” that masks users’ IP addresses to other parties by relaying the calls through its servers. “Calls are end-to-end encrypted, so even if a call is relayed through WhatsApp servers, WhatsApp cannot listen to your …
