Security
Headlines
HeadlinesLatestCVEs

Tag

#botnet

The Underground History of Turla, Russia's Most Ingenious Hacker Group

From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”

Wired
Open in Source
#web#mac#linux#git#intel#botnet#sap
It’s really OK to take a break sometimes, especially in security

The work is always going to be there, whether you take a day or a week off. Unfortunately, the cybersecurity community at large is not going to stop cybercrime overnight.

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands

Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Categories: Exploits and vulnerabilities Categories: News Tags: Ruckus Tags: CISA Tags: AndoryuBot Tags: CVE-2023-25717 Tags: 163.123.142.146 CISA has added a Ruckus vulnerability being abused by the AndoryuBot botnet to its catalog. (Read more...) The post Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs appeared first on Malwarebytes Labs.

Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack

A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin panel to break into vulnerable devices. The flaw, tracked as CVE-2023-25717 (CVSS score: 9.8), stems from improper handling of HTTP requests, leading to unauthenticated remote code execution and a complete compromise of wireless Access Point (AP) equipment. Andoryu was

U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool

The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia's Federal Security Service (FSB). Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear,

The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services

For a decade, a group called Big Pipes has worked behind the scenes with the FBI to target the worst cybercriminal “booter” services plaguing the internet.

Researcher Spotlight: Jacob Finn creates his own public-private partnership at Talos

Today, Finn combs through Talos’ various intelligence sources, open-source research, partner resources, and Cisco product telemetry to track major attacker trends and emerging threats.

Threat Roundup for April 28 to May 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 28 and May 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter legitimate banking transfers performed by the victims by changing the beneficiary and transferring