#c++

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, 'serviceaccount,'" eSentire said in a technical report published

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely

FortiGuard Labs reveals Chaos-C++, a new Chaos ransomware variant that deletes files over 1.3 GB instead of encrypting them and uses clipboard hijacking to steal cryptocurrency.

New encryption, wiper, and cryptocurrency-stealing capabilities make the evolving ransomware-as-a-service operation more dangerous than ever.

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has been tracking Detour Dog since August 2023, when

A threat actor that's known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It's also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx, Comrade Saiga,

### Summary CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal `ldlogger` library, which is executed by the `CodeChecker log` command. ### Details Unsafe usage of `strcpy()` function in the internal `ldlogger` library allows attackers to trigger a buffer overflow by supplying crafted inputs from the command line. Specifically, the destination buffer is stack-allocated with a fixed size of 4096 bytes, while `strcpy()` is called without any length checks, enabling an attacker to overrun the buffer. ### PoC Example script is included below to illustrate how this vulnerability can be exploited. ```bash #!/bin/bash export CC_LOGGER_DEF_DIRS=1; payload=''; for i in $(seq 1 4090); do payload+='A'; done CodeChecker log -b "/very/long/path/to/$payload/gcc a.c" -o compilation.json ``` ### Impact Any environment where the vulnerable `CodeChecker log` command is executed with untrusted user input is affected by this vulnerability.

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic

New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it's a growing risk for everyday users.

Alongside new iPhones, Apple released a new security architecture on Tuesday: Memory Integrity Enforcement aims to eliminate the most frequently exploited class of iOS bugs.