Blog – Page 461 – Learn and Explore

February 14, 2023
Uncategorized

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). “The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million,” the company said,...

February 14, 2023
Uncategorized

Patch Now: Apple’s iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw

Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it said has been actively exploited in the wild. Tracked as CVE-2023-23529, the issue relates to a type confusion bug in the WebKit browser engine that could be activated when processing maliciously crafted web content,...

February 13, 2023
Uncategorized

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems

An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game that could have been exploited to establish backdoor access to players’ systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 (CVSS score: 8.8), which was exploited as a zero-day and...

February 13, 2023
Uncategorized

Honeypot-Factory: The Use of Deception in ICS/OT Environments

There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That’s to be expected, as production systems are commonly connected to ordinary corporate networks...

February 13, 2023
Uncategorized

Chinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB Fails

The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It’s also the second attack aimed at Group-IB, the first of which...

February 13, 2023
Uncategorized

Hackers Targeting U.S. and German Firms Monitor Victims’ Desktops with Screenshotter

A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to steal confidential information. Enterprise security company Proofpoint, which is tracking the activity cluster under the name Screentime, said the group, dubbed TA866, is likely financially motivated. “TA866 is an organized actor able...

February 11, 2023
Uncategorized

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on an online...

February 11, 2023
Uncategorized

Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users

Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers “use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma...

February 11, 2023
Uncategorized

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the...

February 10, 2023
Uncategorized

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. The packages in question are aptx, bingchilling2, httops, and tkint3rs, all of which were collectively downloaded about 450 times...