Category Archives: Cybersecurity


Workaround For One-Click 0Day Vulnerability Follina

Microsoft announced its workaround for a zero-day vulnerability that has already been used by hackers. A threat actor has already exploited the vulnerability to target organizations in Russia and Tibet, researchers said. This vulnerability was identified back in April and is dubbed ‘Follina’.

Microsoft’s own tool reported a flaw in the way it handled remote control of its products. The remote code execution (RCE) flaw, tracked as CVE-2022-3019, is associated with the Microsoft Support Diagnostic Tool (MSDT), which, ironically, itself collects information about bugs in the company’s products and reports it to Microsoft Support.

If hackers get into your system, they can install programs, view, change, or delete your data, or create new accounts.

“A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word,” Microsoft explained in its guidance on the Microsoft Security Response Center. “An attacker who successfully exploits

Read the rest

Snake Keylogger Spreads Through Malicious PDFs: A Comprehensive Analysis

Discover how the Snake Keylogger malware spreads through malicious PDFs in a comprehensive analysis of its tactics and evasion techniques.

Introduction

In the ever-evolving landscape of cyber threats, a new campaign has emerged, exploiting unsuspecting victims through a combination of a malicious PDF file and a 22-year-old Office bug. The campaign, discovered by the diligent researchers at HP Wolf Security, showcases the ingenuity of attackers in their relentless pursuit of compromising sensitive information. This article aims to provide a comprehensive analysis of this “unusual” campaign and shed light on the tactics employed by cybercriminals to propagate the Snake Keylogger malware.

The Rise of PDF Malware

Traditionally, malicious email campaigns have relied heavily on Microsoft Office file formats, such as Word and Excel, to conceal and distribute malware. However, the discovery of this campaign demonstrates a shift in tactics, as attackers utilize weaponized PDF documents to infiltrate unsuspecting systems. While PDFs … Read the rest


Increase Your Cyber Security Resilience

Increase your cyber security resilience, because cyberattacks can come from any direction. They can paralyze an entire company.

Introduction

As cyberattacks become more sophisticated, security breaches have become a fact of corporate life. Cyberattacks are accelerating at an alarming rate as hackers and their use of technology, techniques, and procedures become more sophisticated and more cunning.

How can organizations stay ahead of cyber-criminals? Can they? Can they fight back or will they forever be playing catch-up? Is it enough to just use technology or must other approaches be taken?

As the world becomes more and more digital, people are becoming increasingly concerned about cyberattacks. The current security approach is to simply protect against external hacking. But it doesn’t work. To stand resilient against threats, companies must protect against cyberattacks continually and holistically, with enterprise-wide knowledge, skills and judgment.

Cyber Security Resilience

Cyber security resilience is about being prepared to protect … Read the rest


Synology And QNAP Critical Netatalk Vulnerability

Synology and QNAP have warned their customers that they have found serious vulnerabilities in their NAS devices. The flaws, which exist in their network-attached storage (NAS) appliances, could allow attackers to gain remote access to vulnerable systems, modify data or execute malicious code.

QNAP urged its users to disable their NAS devices’ AFP file service protocol. The company warned that the protocol was vulnerable to security flaws and advised customers to wait until it fixed the problem.

During the Pwn2Own contest, the NCC Group’s EDG team exploited a remote code execution security flaw in Western Digital’s PR4100 NAS. This vulnerability was rated at 9.8/10 severity by the Common Vulnerability Scoring System and is tracked as CVE-2022-23121.

Synology identified and reported three other vulnerabilities (i.e., CVE-2022-23125, CVE-2022-23122, CVE-2022-0194) that are rated the same.

QNAP declared that Netatalk vulnerabilities affect multiple QTS and QuTS hero operating systems as well … Read the rest


Bank Account Takeover Is Rising

Cybercriminals keep using account takeover to trick account holders into giving them access to their bank accounts. Bank account takeover is especially lucrative for hackers because of the potential to steal money from the accounts. As most researchers and financial executives can attest, cybercriminals have increasingly used account takeover, which is more popular than most types of fraud.

A recent study has found that account takeover is big business for cybercriminals. It is a growing problem that can be devastating to a bank and its customers. As per the study by Javelin Research, account takeover increased by 90% in the last year. The firm estimates that financial fraud will cost $11.4 billion in 2021, which is about one-quarter of all financial fraud losses in 2018.

Cyber thieves are betting on the fact that if they try to seize a large number of accounts, eventually they will get a payoff. … Read the rest


Vulnerability in Spring Java framework called Spring4Shell

Spring4Shell (CVE-2022-22965), a critical vulnerability, has been found in Spring, an open source programming framework for the Java platform. It could allow hackers to take control of your system. Details about the vulnerability were leaked to the public before the patch was released. Fortunately, only a small number of users have been affected.

The VMware developers who created the Spring Framework released patches to fix vulnerable applications, so we recommend that all companies using Spring Framework versions 5.3 and 5.2 immediately upgrade to versions 5.3.18 or 5.2.20.

Why is Spring4Shell vulnerability dangerous?

The vulnerability is serious. An attacker can remotely execute malicious code on your site. The vulnerability is in the RCE class, which means that an attacker can exploit it to do whatever he wants, such as steal credit card numbers or install malware. The vulnerability specifically affects Spring MVC and Spring WebFlux applications running under Java Development Kit … Read the rest


Cyber Security Steps To Protect Your Company

Ransomware attacks rose again. The number of ransomware families rose from 143 to 157 in just one year. This means that the frequency and severity of attacks are still increasing. Ransomware attacks are up over the last quarter, over the previous year, and over the last three years.

The cybersecurity report you just read found that these cybercriminal groups are continuing to target unpatched vulnerabilities and weaponize zero-day vulnerabilities in record time to instigate crippling attacks. At the same time, they are broadening their spheres of attack and finding newer ways to compromise organizational networks and fearlessly trigger high-impact assaults.

Ransomware attacks can be devastating. According to Coveware, an attack costs an average of $220,298 and 23 days of downtime. Given the scramble to shift to the digital landscape combined with unprecedented shortages of skilled IT labor, a cyber-attack could cripple even the strongest businesses.

Get your head in

Read the rest

OpenSSL Infinite Loop Vulnerability

US National Security Agency (NSA) officials have recently discovered a vulnerability in the OpenSSL cryptographic library. This vulnerability can be used to conduct denial-of-service attacks and can be easily weaponized by potential attackers.

OpenSSL is a popular cryptography library used to encrypt data and verify digital signatures. The bug affects the BN_mod_sqrt() function, which calculates a modular square root and is used when parsing certificates that use elliptic curve public key encryption. This vulnerability has been given the identifier CVE-2022-0778.

If an attacker submits a certificate with broken curve parameters, the program will go into an infinite loop and crash. This will cause denial of service.

“Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack,” OpenSSL said in a March 15 security advisory. “The infinite loop

Read the rest

APC Smart UPS Zero Day Vulnerability

Three critical zero-day vulnerabilities have been uncovered in popular APC Smart-UPS uninterruptible power supply devices. They could be exploited and used to bring down infrastructure and even cause physical harm. A malicious actor could exploit these flaws to cause severe service disruptions and data loss, and even potential injury.

Researchers from Armis Labs recently found a flaw in APC Smart-UPS, which could be catastrophic for millions of businesses around the world. A subsidiary of Schneider Electric, APC is one of the leading suppliers of UPS devices worldwide. These devices are essential for companies that require high availability, such as hospitals. The flaw has been dubbed TLStorm and is a result of an unprotected remote management interface.

Cybersecurity researchers are warning businesses to prepare for digital disasters. There’s a high risk of cyber and physical damage if the vulnerabilities are exploited, according to a report published online on … Read the rest


Top 5 Cybersecurity Predictions For 2022

This is tough to predict; however, I think we’ll see a lot of interesting developments for 2022. And they’ll be related to all the challenges and problems we’ve seen in the past. Cybersecurity is a long, hard-fought war between cybercriminals and businesses. Who will make the most progress in this domain? I think it’ll be businesses that are able to adapt quickly.

People all over the world are looking forward to the new developments, achievements, and challenges 2022 will present. The increasing number of cyber-attacks worldwide makes people fear that the cybersecurity landscape in 2022 will be even more troubling.

There is no doubt that cybercrime will continue to grow, and businesses must adapt in order to keep their information safe. To reach this goal, it is important to understand what exactly you are up against. Here are the top five cybersecurity predictions for 2022.

Prediction #1: The cyber-attack that

Read the rest