Security Bulletin
20 Feb 2024
Biztonsági szemle
Prudential Financial, loanDepot attacks admitted by ALPHV/BlackCat
Recent cyberattacks against major global financial services provider Prudential Financial and major U.S. retail mortgage lender loanDepot have been claimed by the ALPHV/BlackCat ransomware operation, reports BleepingComputer.
20 Feb 2024
Biztonsági szemle
Cryptowallets spoofed by SpyNote Android trojan
Operators of the SpyNote Android banking trojan have updated the payload to impersonate legitimate cryptocurrency wallets and facilitate cryptocurrency exfiltration, which represents a significant shift from the malware's prior focus on account...
20 Feb 2024
Biztonsági szemle
Novel MMS Fingerprint attack used by NSO Group against WhatsApp
Novel MMS Fingerprint attack used by NSO Group against WhatsApp WhatsApp users have been targeted by Israeli spyware firm NSO Group through the new MMS Fingerprint attack that involved the exploitation of a vulnerability in the widely used messaging...
20 Feb 2024
Biztonsági szemle
New crypto laundering approach leveraged by Lazarus
BleepingComputer reports that mounting sanctions against various bitcoin mixing services have prompted North Korean hacking collective Lazarus Group to transition to the YoMix bitcoin mixer for its money laundering activities.
20 Feb 2024
Biztonsági szemle
Ethercat Zeek Plugin
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: CISA Equipment: Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek Vulnerabilities: Out-of-bounds Write, Out...
20 Feb 2024
Biztonsági szemle
Mitsubishi Electric Electrical Discharge Machines
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful...
20 Feb 2024
Biztonsági szemle
Commend WS203VICM
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Commend Equipment: WS203VICM Vulnerabilities: Argument Injection, Improper Access Control, Weak Encoding for Password 2. RISK EVALUATION...
20 Feb 2024
Biztonsági szemle
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on February 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-051-01 Commend WS203VICM ICSA-24...
20 Feb 2024
Biztonsági szemle
An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career at Microsoft
Bruce’s story unfolds in Cincinnati, Ohio. As a young boy, he had an ambitious dream of one day becoming the President of the United States. This aspiration remained his guiding star until he began his professional career after college. His mother...
20 Feb 2024
Biztonsági szemle
Python InfoStealer With Dynamic Sandbox Detection, (Tue, Feb 20th)
Infostealers written in Python are not new. They also onboard a lot of sandbox detection mechanisms to prevent being executed (and probably detected) by automatic analysis. Last week, I found one that uses the same approach but in a different way...
20 Feb 2024
Biztonsági szemle
ISC Stormcast For Tuesday, February 20th, 2024 https://isc.sans.edu/podcastdetail/8860, (Tue, Feb 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Pagination
- Previous page ‹‹
- Page 1133
- Next page ››