Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, Veron over the past few years, according to a video released […]
Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users
Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that’s designed to drop a remote access trojan (RAT) on compromised systems. The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a « logger for gulp and gulp plugins. » It has been downloaded 175 times […]
Bulletin d’actualité CERTFR-2024-ACT-024 (03 juin 2024)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…
SASE Threat Report: 8 Key Findings for Enterprise Security
Threat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise. Cato’s Cyber Threat Research Lab (Cato CTRL, see more details below) has […]
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions
Now-patched authorization bypass issues impacting Cox modems that could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. « This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could’ve executed commands and modified the settings of millions of modems, accessed […]
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. « Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks, » the AhnLab Security Intelligence Center (ASEC) said […]
Filtrage Web en entreprise : définition et cas d’usage
Le filtrage web en entreprise est une pratique essentielle pour la sécurité des réseaux et la productivité des employés. Il consiste à contrôler et restreindre l’accès à certains contenus internet en fonction de règles prédéfinies. DataSecurityBreach explore en détail ce concept, ses avantages, ainsi que ses principaux cas d’usage.
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). « Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware, » cybersecurity firm eSentire said in a new report. « In April 2024, we observed […]
AI Company Hugging Face Notifies Users of Suspected Unauthorized Access
Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. « We have suspicions that a subset of Spaces’ secrets could have been accessed without authorization, » it said in an advisory. Spaces offers a way for users to create, host, and share AI and machine […]