Exploit

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws – Go Health Pro

by
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws – Go Health Pro

Jan 16, 2025Ravie LakshmananEndpoint Security / Ransomware Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated … Read more

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners – Go Health Pro

by
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners – Go Health Pro

Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum … Read more

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices – Go Health Pro

by
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices – Go Health Pro

Jan 10, 2025Ravie LakshmananCybersecurity / Android Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 … Read more

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites – Go Health Pro

by
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites – Go Health Pro

Jan 01, 2025Ravie LakshmananWeb Security / Vulnerability Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of relying on a single click, it takes advantage … Read more

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware – Go Health Pro

by
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware – Go Health Pro

Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine … Read more

x