Found 20 bookmarks
Custom sorting
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report
#cyfirma#EN#2024#Unidentified#Threat#Actor#Malware#research#Android#Spynote#Remote#Administration#Tool
·cyfirma.com·
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
Ivanti warns of three more CSA zero-days exploited in attacks
Ivanti warns of three more CSA zero-days exploited in attacks
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.
#bleepingcomputer#EN#2024#Bypass#Ivanti#Code#Command#Actively#Remote#Services#Exploited#Injection#Execution#Security#Zero-Day#CSA#Cloud#Appliance#CVE-2024-9379#CVE-2024-9380#CVE-2024-9381
·bleepingcomputer.com·
Ivanti warns of three more CSA zero-days exploited in attacks
Exploiting pfsense Remote Code Execution – CVE-2022-31814
Exploiting pfsense Remote Code Execution – CVE-2022-31814
Greetings everyone, In this write-up, we will be exploring the interesting exploitation that has been done against the pfsense CVE-2022-31814. What is pfsense? pfSense software is a FreeBSD-based operating system designed to install and configure a firewall that can be easily configured via the web interface and installed on any PC. With all of the
#laburity.com#en#2024#pfsense#Remote#Code#Execution#CVE-2022-31814
·laburity.com·
Exploiting pfsense Remote Code Execution – CVE-2022-31814
Critical Cisco bug lets hackers add root users on SEG devices
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.
#bleepingcomputer#EN#2024#Code#InfoSec#Execution#Path#Gateway#Denial#DoS#Remote#Cisco#RCE#CVE-2024-20401#SEG
·bleepingcomputer.com·
Critical Cisco bug lets hackers add root users on SEG devices
Storm-0978 attacks reveal financial and espionage motives
Storm-0978 attacks reveal financial and espionage motives
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability exploited via Microsoft Word documents.
#microsoft#EN#2023#Storm-0978#Follina#CVE-2023-36884#ero-day#remote#phishing
·microsoft.com·
Storm-0978 attacks reveal financial and espionage motives