A sophisticated malware campaign has been uncovered, leveraging 7-Zip self-extracting archives and the UltraVNC remote access tool to target Russian-speaking entities. The operation, attributed to a threat actor dubbed GamaCopy, mimics tactics previously associated with the Kremlin-aligned Gamaredon group. The…
Tag: Cyber Security News
Threat Actors Weaponized XWorm RAT Builder To Attack Script Kiddies
A sophisticated attack campaign have been uncovered recently by the cybersecurity researchers at CloudSEK targeting aspiring hackers, commonly known as “script kiddies.” The operation involves a trojanized version of the XWorm Remote Access Trojan (RAT) builder, which has been weaponized…
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users. The update, version 132.0.6834.110/111 for Windows and Mac and 132.0.6834.110 for Linux is being gradually deployed and…
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins
A sophisticated new phishing framework dubbed “FlowerStorm” has emerged, targeting multiple brands simultaneously to steal customer login credentials. Cybersecurity researchers at CloudSEK have uncovered this alarming development, which poses a significant threat to organizations and consumers alike. FlowerStorm, active since…
SCAVY – Framework to Detect Memory Corruption in Linux Kernel for Privilege Escalation
Researchers have unveiled SCAVY, a novel framework designed to automate the discovery of memory corruption targets in the Linux kernel. This discovery aims to address critical gaps in the detection and prevention of privilege escalation exploits, which often leverage memory-corruption…
Apache Solr For Windows Vulnerability Allows Arbitrary Path write-access
A newly disclosed vulnerability in Apache Solr, identified as CVE-2024-52012, has raised concerns among users of the search platform, particularly those running instances on Windows systems. The flaw, categorized as a Relative Path Traversal vulnerability, allows attackers to gain arbitrary…
Critical Intel Trust Domain Extensions Isolation Vulnerability Exposes Sensitive Data
A team of researchers from the Indian Institute of Technology Kharagpur and Intel Corporation has uncovered a significant vulnerability in Intel’s Trust Domain Extensions (TDX) technology, potentially compromising the security of sensitive data in cloud computing environments. Intel TDX, introduced…
Windows Charset Conversion Feature Exploited to Execute Remote Code
Security researchers have uncovered a critical vulnerability in Windows stemming from its “Best-Fit” character conversion feature, which has been exploited to execute remote code. This newly identified attack surface, dubbed “WorstFit,” leverages certain features of Windows’ internal character encoding system…
Critical Fleet Server Vulnerability Exposes Sensitive Information
A critical vulnerability (CVE-2024-52975) has been identified in Elastic’s Fleet Server, posing a severe risk of sensitive information exposure. The flaw, affecting Fleet Server versions 8.13.0 through 8.15.0, allows sensitive data to be logged at the INFO and ERROR log…
Hackers Using RID Hijacking Technique To Create Secret Windows Admin Account
The North Korean-linked Andariel hacking group has been identified using a sophisticated attack campaign that employs the Relative Identifier (RID) technique to covertly create hidden administrator accounts on Windows systems. This deceptive technique enables attackers to avoid traditional detection measures…