Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it … Read more
The U.S. government is warning of a new exploit against multiple flaws in cloud applications. The Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are chaining a number of CVE-listed vulnerabilities into a single exploit script. The flaws in question are present in Ivanti appliances version 4.6 and earlier. The threat actors use the … Read more
Jan 21, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet. The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys … Read more
Normally, Secure Boot prevents the UEFI from running all subsequent files unless they bear a digital signature certifying those files are trusted by the device maker. The exploit bypasses this protection by injecting shell code stashed in a malicious bitmap image displayed by the UEFI during the boot-up process. The injected code installs a cryptographic key … Read more
Cloud services have become a critical enabler for modern businesses, offering scalable, secure storage and processing capabilities. However, these same services are increasingly being exploited by ransomware groups as tools for both compromising systems and exfiltrating sensitive data. Ransomware exploits cloud services A recent report from SentinelLabs, The State of Cloud Ransomware in 2024, highlights … Read more
