Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Why the US Congress Wants to Ban TikTok

Lawmakers are increasingly hellbent on punishing the popular social network while efforts to pass a broader privacy law have dwindled.

Wired
Open in Source
#web#mac#intel#backdoor
Lazarus Group Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete files; execute PowerShell commands; and obtain comprehensive information about the underlying machine.

Exploit Code Released for Critical Fortinet RCE Bug

Organizations are urged to update to the latest versions of FortiNAC to patch a flaw that allows unauthenticated attackers to write arbitrary files on the system.

CVE-2023-24108: code backdoor · Issue #12 · zetacomponents/MvcTools

MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.

CVE-2023-24107: GitHub - jminh/hour_of_code_python_2015

hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.

CVE-2022-46637: ProLink PRS1841 Backdoor Account ≈ Packet Storm

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.

Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called Transparent Tribe. It is so named for mimicking the infection chains associated

North Korean Cyber Espionage Group Deploys WhiskerSpy Backdoor in Latest Attacks

The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in North Korea with self-developed malware such as dneSpy and agfSpy. Previously documented intrusions have entailed the use of watering holes

Novel Spy Group Targets Telecoms in 'Precision-Targeted' Cyberattacks

The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack.

Armenian Entities Hit by New Version of OxtaRAT Spying Tool

Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely controlling the compromised machine with TightVNC, installing a web shell,