HackDig : Dig high-quality web security articles

New FamousSparrow APT group used ProxyLogon exploits in its attacks

Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels around the world since at least 2019. The group also hit higher-profile targets such as law firms, g
Publish At:2021-09-24 01:36 | Read:102 | Comments:0 | Tags:APT Breaking News Hacking Cyberespionage cyberespionahe Famo

Apple addresses a new zero-day exploited to deploy the NSO Pegasus spyware

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of
Publish At:2021-09-23 17:20 | Read:163 | Comments:0 | Tags:Breaking News Security Apple Hacking hacking news informatio

Hacking group used ProxyLogon exploits to breach hotels worldwide

A newly discovered cyberespionage group has been targeting hotels around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies. Slovakian internet security firm ESET spotted the hacking group (dubbed FamousSparrow) and
Publish At:2021-09-23 17:08 | Read:155 | Comments:0 | Tags:Security exploit hack

Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure

VMware is urging users of vCenter server to patch no fewer than 19 problems affecting its products. These updates fix a variety of security vulnerabilities, but one of them is particularly nasty. That would be CVE-2021-22005, a critical file upload vulnerability with a CVSS score of 9.8 out of 10. It’s so bad the company is advising users to
Publish At:2021-09-22 11:20 | Read:152 | Comments:0 | Tags:Exploits and vulnerabilities CVE-2021-22005 vcenter vmware e

Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang

Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos. Sophos recently investigated an attack where an unknown threat actor deployed the Cring ransomware on the systems of an unnamed services company. The attack started with the attacker scanning t
Publish At:2021-09-21 15:27 | Read:85 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities exploit ransomware

Experts warn that Mirai Botnet starts exploiting OMIGOD flaw

The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a Mirai botnet start exploiting a critical Azure OMIGOD vulnerability, tracked as CVE-2021-38647, a few days after Microsoft disclosed it. Recently released September 2021 Patch Tuesday securi
Publish At:2021-09-17 16:46 | Read:313 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

OMIGOD: Microsoft Azure VMs exploited to drop Mirai, miners

Threat actors started actively exploiting the critical Azure OMIGOD vulnerabilities two days after Microsoft disclosed them during this month's Patch Tuesday. The four security flaws (allowing privilege escalation and remote code execution) were found in the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than
Publish At:2021-09-17 13:12 | Read:201 | Comments:0 | Tags:Security Microsoft exploit

U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have sounded the alarm over in-the-wild attacks targeting a recently disclosed vulnerability in Zoho’s ManageEngine ADSelfService Plus product. Tracked as CVE-2021-40539 and rated critical severity (CVSS scor
Publish At:2021-09-17 11:33 | Read:240 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Vulnerabilities Cybe

Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance

Microsoft on Thursday published additional guidance on addressing recently disclosed vulnerabilities in the Open Management Infrastructure (OMI) framework, along with new protections to resolve the bugs within affected Azure Virtual Machine (VM) management extensions. Microsoft’s guidance was published just as researchers noticed that one of the vulnerabiliti
Publish At:2021-09-17 11:32 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

FBI and CISA warn of APT groups exploiting ADSelfService Plus

In a joint advisory the FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) warn that advanced persistent threat (APT) cyber-actors may be exploiting a vulnerability in ManageEngine’s single sign-on (SSO) solution. The vulnerability Publicly disclosed computer security flaws
Publish At:2021-09-17 11:20 | Read:107 | Comments:0 | Tags:Exploits and vulnerabilities adselfservice plus APT cgcyber

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Summary: Last week, Microsoft reported the remote code execution vulnerability CVE-2021-40444 in the MSHTML browser engine. According to the company, this vulnerability has already been used in targeted attacks against Microsoft Office users. In an attempt to exploit this vulnerability, attackers create a document with a specially-crafted object. If a user opens
Publish At:2021-09-17 08:37 | Read:161 | Comments:0 | Tags:Incidents Malware Descriptions Microsoft Microsoft Internet

FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho flaw. The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn that nation-state APT groups are actively exploiting a critical vulnerability, tracked as CVE-2021-40539, in the Zoho ManageEngine ADSelfService
Publish At:2021-09-16 18:45 | Read:188 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2021-40539 hacking ne

FBI and CISA warn of state hackers exploiting critical Zoho bug

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups have been actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021. Zoho's customer list includes "three out of five Fortune 500 comp
Publish At:2021-09-16 17:07 | Read:299 | Comments:0 | Tags:Security exploit FBI CISA hack

Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors, including ransomware operators, that are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444) in attacks against o
Publish At:2021-09-16 14:25 | Read:248 | Comments:0 | Tags:Breaking News Hacking Malware Security CVE-2021-40444 Cyberc

Microsoft: Windows MSHTML bug now exploited by ransomware gangs

Microsoft says multiple threat actors, including ransomware affiliates, are targeting the recently patched Windows MSHTML remote code execution security flaw. In-the-wild exploitation of this vulnerability (tracked as CVE-2021-40444) began on August 18 according to the company, more than two weeks before Microsoft published a security advisory with a partial
Publish At:2021-09-16 13:11 | Read:195 | Comments:0 | Tags:Microsoft Security exploit ransomware
