Sysrv botnet abuses flaws found in Windows and Linux servers

Critical flaws found in Java’s Spring Framework and the WordPress CMS are allowing the Sysrv botnet to exploit them and deploy malware on compromised Windows and Linux servers. The botnet has a new, upgraded variant, Sysrv-K, capable of scanning for unpatched Spring and WordPress deployments. According to researchers, the new variant of the Sysrv botnet...

Security experts found a critical flaw in F5 BIG-IP devices

According to researchers, F5 BIG-IP currently has a remote code execution (RCE) vulnerability that can enable threat actors to conduct numerous exploits. F5 BIG-IP device users are warned to apply the latest security patch to avoid being a target. F5 has disclosed a critical remote code execution flaw tracked by researchers as CVE-2022-1388...

Researchers discovered a critical vulnerability in dotCMS

A pre-authenticated remote code execution (RCE) flaw was discovered in dotCMS, an open-source content management system. The system is written in Java and has about 10,000 users across more than 70 countries, among them Fortune 500 brands and average-sized businesses. The vulnerability in dotCMS could allow RCE if...

Researchers discovered a new malware loader dubbed Bumblebee

A newly discovered malware loader, called Bumblebee, has been identified by cybersecurity researchers as being utilised by roughly three separate threat groups connected with ransomware operations. Experts assumed that Bumblebee was created by its operators as a substitute for the BazarLoader backdoor. They also claimed that there is a high possibility that the...

APT29 targets government agencies in a recent phishing campaign

Government agencies are the recent target of an ongoing phishing campaign run by the Cozy Bear advanced persistent threat group, or APT29. The threat group, also known as Nobelium, has been active since 2014 and mainly runs cyber-espionage campaigns. The recently identified spear-phishing campaign involves hackers pretending to include important policy updates originating...

Experts found a rapid network attack carried out by the Quantum ransomware

Quantum ransomware, a strain first found in August 2021, was observed launching attacks that experts described as speedy: they escalate quickly inside a targeted network, before the installed security defences can detect them and respond. According to the research analysis, the described ransomware attack only needs over three hours...

2021 marked a record high for zero-day exploits, as per analysts

A record-high number of zero-day exploits was recorded for 2021, according to findings disclosed by security analysts at Google. The researchers also added that last year’s total, with 58 cases found, is the most ever detected in a single year since they began hunting in 2014. Furthermore, analysts were alarmed with...

Hackers exploit QR codes to steal from victims via Qshing attacks

As convenient as QR codes are for users worldwide, the technology is also currently being exploited for cybercrime. Many threat actors abuse QR codes to deploy Qshing attacks, or QR code phishing, to steal sensitive information and money from victims or to spread malware by tampering with the codes. The QR code technology was initially intended for quickly...

Two new botnets joined the fray in conducting DDoS attacks

The Enemybot and Fodcha botnets have been trying to compromise numerous targets globally by abusing multiple flaws in routers, modems, and Internet of Things (IoT) devices. These two newly discovered botnets can perform distributed denial-of-service attacks on any location. Enemybot and Fodcha are the newest additions to the long list of botnets that will...

GitHub revealed that hackers infiltrated firms through stolen OAuth tokens

According to GitHub, malicious threat actors utilised stolen OAuth user tokens published to Travis-CI and Heroku to download data from repositories. Since first being spotted last week, the hackers could have already breached targeted organisations that use Travis-CI and Heroku-maintained OAuth apps and stolen a large amount of data from them. A security officer at GitHub said that their...