Tag

#backdoor

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now, according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion vector.

The Hacker News
GHSA-g86j-hwg9-77q5: SentinelOne impersonated via PyPI packages

In December 2022, threat actors impersonated SentinelOne by uploading fake software development kits (SDKs) to PyPI. The SDKs contained fully functional SentinelOne clients, but the packages also contained malicious backdoors that executed only when called programmatically, as opposed to during installation. The packages have since been taken down from PyPI.

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. "BlueNoroff

Courier Deprixa 2.5 Backdoor Account

Courier Deprixa version 2.5 has been reported as having a default backdoor account.

Consultine Consulting Business And Finance Website CMS 1.8 Backdoor Account

Consultine Consulting Business and Finance Website CMS version 1.8 has been reported as having a default backdoor account.

Car Dealer Pro 2.01 Backdoor Account

Car Dealer Pro version 2.01 has been reported as having a default backdoor account.

Botble 5.28.3 Backdoor Account

Botble version 5.28.3 has been reported as having a default backdoor account.

Active Ecommerce CMS 6.4.0 Backdoor Account

Active Ecommerce CMS version 6.4.0 has been reported as having a default backdoor account.

ProLink PRS1841 PLDT Router Backdoor

The ProLink PRS1841 home router suffers from having a backdoor account.

2022 Top Five Immediate Threats in Geopolitical Context

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st and