Notícias

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems. Called 'Pingback,' the Windows malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications, allowing the adversary…

How Should the Service Desk Reset Passwords?

Ask the average helpdesk technician what they do all day, and they will probably answer by saying that they reset passwords. Sure, helpdesk technicians do plenty of other things too, but in many organizations, a disproportionate number of helpdesk calls are tied to password resets. On the surface, having a helpdesk…

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893 (CVSS score 10), the flaw concerns "multiple use after free" issues in Pulse Connect…

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

Apple on Monday released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. <!--adsense--> The weaknesses all concern WebKit, the browser engine which powers Safari and other third-party web browsers in iOS, allowing…

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn't always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can…

A Rust-based Buer Malware Variant Has Been Spotted in the Wild

Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called 'Buer' written in Rust, illustrating how adversaries are constantly honing their malware toolsets to evade analysis. Dubbed "RustyBuer," the malware is propagated via emails masquerading as shipping notices from DHL Support, and…

REDES SOCIAIS

Formadores certificados