Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](3.215.79.68|AS14618) to the bottom mailbox to add to the whitelist

文章列表

4hour ago   SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide    #Security Affairs #安全文章 Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers from Kaspersky Lab have discovered a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since

10hour ago   A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers    #Security Affairs #安全文章 Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign. Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux ser

18hour ago   Pro-Russian hackers launched a massive DDoS attack against Norway    #Security Affairs #安全文章 Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s National Security Authority (NSM) confirmed that some of the country’s most important websites and online services were taken down by a ma

yday 07:00   Korean cybersecurity agency released a free decryptor for Hive ransomware    #Security Affairs #安全文章 Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware, the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4. “The Korea In

yday 01:58   Experts blame North Korea-linked Lazarus APT for the Harmony hack    #Security Affairs #安全文章 North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyb

yday 22:13   Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker    #Security Affairs #安全文章 A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker. In

yday 14:36   YTStealer info-stealing malware targets YouTube content creators    #Security Affairs #安全文章 Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. Th

dby 22:48   Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers    #Security Affairs #安全文章 Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote a

dby 18:40   Mitre shared 2022 CWE Top 25 most dangerous software weaknesses    #Security Affairs #安全文章 The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, it could help organizations to assess internal infrastructure and determine their surface of attack. The presence of these vulne

dby 17:31   RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD    #Security Affairs #安全文章 The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company in 2021. The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay […]Th

2022-06-29 05:25   NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE    #Security Affairs #安全文章 This paper provides a taxonomic classification of non-state actors in the cyberspace, analyzing their role and impact on a state’s socioeconomic structure Cyber Non-State Actors (CNSA) are key figures in our globalized world: their operations could have a significant impact on international affairs,

2022-06-29 05:24   ZuoRAT malware hijacks SOHO Routers to spy in the vitims    #Security Affairs #安全文章 A new RAT dubbed ZuoRAT was employed in a campaign aimed at small office/home office (SOHO) routers in North American and Europe. Researchers from Black Lotus Labs, the threat intelligence division of Lumen Technologies, have discovered a new remote access trojan (RAT) called ZuoRAT, which targets s

2022-06-28 22:40   LockBit 3.0 introduces important novelties, including a bug bounty program    #Security Affairs #安全文章 The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit ransomware operation has released LockBit 3.0, which has important noveòties such as a bug bounty program, Zcash payment, and new extortion tactics. The gang

2022-06-28 19:02   Latest OpenSSL version is affected by a remote memory corruption flaw    #Security Affairs #安全文章 Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido Vranken discovered a remote memory-corruption vulnerability in the recently released OpenSSL version 3.0.4. The library was released on June 21, 2022, and affects x64

2022-06-28 14:38   Two critical flaws affect CODESYS ICS Automation Software    #Security Affairs #安全文章 CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service (DoS) condition. CODESYS has released security patches to fix eleven 11 vulnerabilities in its ICS Automation Software. CoDeSys is a development environment fo

By QianX.in