Hackers abuse legitimate remote monitoring and management tools in attacks
Researchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.
Stories by Lucian Constantin
-
-
Attackers exploiting critical flaw in many Zoho ManageEngine products
The ManageEngine vulnerability is easy to exploit and enables remote code execution. Patches are available.
-
Many ICS flaws remain unpatched as attacks against critical infrastructure rise
More than a third of ICS device vulnerabilities have no patch available at a time when ICS environments face threats from new cyber crime groups.
-
How attackers might use GitHub Codespaces to hide malware delivery
A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.
-
Attackers deploy sophisticated Linux implant on Fortinet network security devices
In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild.
-
Log4Shell remains big threat and common cause for security breaches
Log4Shell is likely to remain a favored vulnerability to exploit as organisations lack visibility into their software supply chains.
-
Attackers create 130K fake accounts to abuse limited-time cloud computing resources
Cybercriminal group Automated Libra's PurpleUrchin campaign uses the fake accounts for cryptomining operations.
-
Cuba ransomware group used Microsoft developer accounts to sign malicious drivers
The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates.
-
Researchers found security pitfalls in IBM’s cloud infrastructure
A demonstrated attack in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.
-
What is Ransom Cartel? A ransomware gang focused on reputational damage
Ransom Cartel, a RaaS operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti.
-
Why businesses should have Cobalt Strike detection in place
Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams.
-
Vietnamese DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
A group of attackers, likely based in Vietnam, that specialises in targeting employees with potential access to Facebook business has re-emerged.
-
Online retailers should prepare for spike in bot-operated attacks
On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites.
-
Researchers show techniques for malware persistence on F5 and Citrix load balancers
Tests show that deploying malware in a persistent manner on load balancer firmware is within reach of less sophisticated attackers.
-
Attackers switch to self-extracting password-protected archives to distribute email malware
Distributing malware inside password-protected archives has long been one of the main techniques used by attackers to bypass email security filters.
Events
ARN Innovation Awards 2023
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
Brand Post
Sustainable Electronics Solutions: The Value of Educating Consumers
Sponsored By
