News & Updates

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

/
In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT.
“LOBSHOT continues to collect victims while staying under the radar,” Elastic Security Labs researcher Daniel Stepanic said in an analysis published last week.
“One
News & Updates

North Korea’s ScarCruft Deploys RokRAT Malware via LNK File Infection Chains

/
The North Korean threat actor known as ScarCruft began experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default.
“RokRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate
News & Updates

New Lobshot hVNC malware spreads via Google ads

/

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the […]

The post New Lobshot hVNC malware spreads via Google ads appeared first on Security Affairs.

News & Updates

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

/

US Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link, Apache, and Oracle vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability. The CVE-2023-1389 flaw is an unauthenticated […]

The post CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

Cybersecurity Tools

Transparent Tribe APT actively lures Indian Army amidst increased targeting of Educational Institutions

/

Overview APT Transparent Tribe (APT36) is luring the Indian Army into opening the malicious file themed ‘Revision of Officers posting policy.’ Quick Heal’s APT Team has been constantly tracking this persistent threat group and has encountered a new attack campaign targeting India. At the same time, we have also observed increased targeting of the education […]

The post Transparent Tribe APT actively lures Indian Army amidst increased targeting of Educational Institutions appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

News & Updates

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The security vulnerabilities are as follows –

CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability
CVE-2021-45046 (CVSS score: 9.0) – Apache Log4j2 Deserialization of Untrusted

News & Updates

Imperva Continues to Innovate With New Features for Online Fraud Prevention

/

Last year, Imperva embarked on a mission to help organizations combat the growing threat of digital fraud. We introduced a new solution and a range of innovative features to help detect and prevent online fraud at its earliest stages. Imperva Online Fraud Prevention stops fraud ranging from client-side attacks that exploit compromised JavaScript and steal […]

The post Imperva Continues to Innovate With New Features for Online Fraud Prevention appeared first on Blog.

Exit mobile version