Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

North Korea's Moonstone Sleet Widens Distribution of Malicious Code

The recently identified threat actor uses public registries for distribution and has expanded capabilities to disrupt the software supply chain.

DARKReading
Open in Source
#web#mac#windows#microsoft#linux#cisco#nodejs#backdoor#auth
New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems

A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this backdoor is not merely a variant of existing malware, but is a new type altogether."

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. "WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis. "Each sample is compiled

WarmCookie Gives Cyberattackers Tasty New Backdoor for Initial Access

The fresh-baked malware is being widely distributed, but still specifically targets individuals with tailored lures. It's poised to evolve into a bigger threat, researchers warn.

New York Times Internal Data Nabbed From GitHub

The tranche of data, lifted from underprotected GitHub repositories, reportedly includes source code, though the country's paper of record has not yet confirmed the nature of the data accessed.

A week in security (June 3 – June 9)

A list of topics we covered in the week of June 3 to June 9 of 2024

Crimson Palace: Chinese Hackers Steal Military Secrets Over 2 Years

Sophos uncovers “Operation Crimson Palace, a long-term cyberespionage effort targeting a Southeast Asian government. Learn how attackers used…

Microsoft Recall snapshots can be easily grabbed with TotalRecall tool

A worried researcher has created a tool to demonstrate exactly how much of a security backdoor Microsoft is creating with Recall.

GHSA-2p4f-vc9q-r5vp: Typo3 Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure, placement of backdoors, data removal, …). Note: The upload of files is only possible if the application built on Flow provides means to do so, and whether or not the upload of files poses a risk is dependent on the system setup. If uploaded script files are not executed by the server, there is no risk. In versions prior to 3.0.0 the upload of files with the extension php was blocked. In Flow 2.3.0 to 2.3.6 a potential XML External Entity processing vulnerability has been discovered in the MediaTypeConverter.

GHSA-4542-p56h-8xww: Cross-Site Scripting (XSS) vulnerabilities in Neos

It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access to the server itself, to an extent mainly limited by the server setup.