Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls
Arctic Wolf has identified a campaign targeting Fortinet FortiGate firewall devices, where unauthorized administrative access was gained through exposed management interfaces. The attackers created new accounts, altered configurations, and exploited a potential zero-day vulnerability. Organizations are urged to disable public access to firewall management interfaces immediately.…
The Feed 2025-01-10

Check Point Research has identified a new version of the Banshee macOS stealer malware, which has been evading detection since September 2024. The malware targets macOS users, stealing sensitive information and utilizing an encryption algorithm similar to Apple’s XProtect. Despite the shutdown of its original operations after a code leak, Banshee continues to be distributed through phishing websites and malicious GitHub repositories.…
The Feed 2025-01-09
This article explores various cyber threats, including voice phishing by the “Crypto Chameleon” group, exploitation of vulnerabilities in Kerio Control and Ivanti Connect Secure VPN, and North Korean hackers targeting cryptocurrency wallets through fake job interviews. The rise of ransomware among state-sponsored APT groups is also highlighted, indicating a troubling trend in modern cyber threats.…
Chengdu: Teahouses, Hotpots, Universities and Hackers
Chengdu, a city in Sichuan Province, has emerged as a significant hub for hacking activities, largely due to its laid-back atmosphere, rich educational resources, and unique culture. The Natto Team’s research highlights connections between local companies and advanced persistent threat (APT) groups, particularly APT41, while also exploring the social dynamics of Chengdu’s teahouses and hotpot restaurants that foster networking among hackers.…
This article discusses the activities of 11 cybercrime groups operating in the online space in November. These groups engage in various malicious activities, including stealing financial information, spreading ransomware, and conducting phishing attacks. Affected Platform: Online environments

Keypoints:

11 cybercrime groups identified: SectorJ09, SectorJ25, SectorJ39, SectorJ72, SectorJ85, SectorJ90, SectorJ109, SectorJ149, SectorJ165, SectorJ175, SectorJ191.…
Genetic Engineering Meets Reverse Engineering: DNA Sequencer’s Vulnerable BIOS
Eclypsium’s research reveals significant BIOS/UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, highlighting risks associated with outdated firmware and lack of security features. These vulnerabilities could allow attackers to modify firmware, posing serious supply chain security threats. Affected Platform: Illumina iSeq 100

Keypoints:

Illumina iSeq 100 uses outdated BIOS firmware without Secure Boot or write protections.…
CVE Alert: CVE-2024-55629 – RedPacket Security
Suricata 7.0.8 introduces options for handling TCP urgent data, addressing potential evasion issues that arose in previous versions. Users can configure rules in IPS mode to drop packets with the urgent flag set. Affected Platform: Suricata

Keypoints:

Suricata is a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine.…
Ministry of Foreign Affairs: China Strongly Opposes U.S. Claims of “Chinese Hacker Attacks” and Sanctions; National Cybersecurity Center Discovers a Batch of Malicious Foreign Websites and IPs
This article discusses various cybersecurity incidents and responses, including China’s opposition to U.S. sanctions regarding alleged hacking, the discovery of malicious URLs and IPs targeting China, vulnerabilities in BeyondTrust systems, and the emergence of a phishing plugin for WordPress. Affected Platform: China, United States, WordPress

Keypoints:

China’s Foreign Ministry condemns U.S.…
This article discusses the use of text patterns in YARA rules, including various modifiers such as nocase, wide, ascii, and xor that can alter how patterns are matched. It provides examples of rules that utilize these modifiers to search for strings in different formats. Affected Platform: YARA

Keypoints:

Text patterns are the most common type of patterns in YARA rules.…