WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at GuardicoreSource...

Continuar lendo

Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewallSource...

Continuar lendo

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems

Multiple zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-daySource...

Continuar lendo

How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats

The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations. Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light of these insights, Cynet has also shared a few ways to best prepare for theSource...

Continuar lendo

Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their ownSource...

Continuar lendo

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol (RDP) connection exposed to the Internet. The module, dubbed "rdpScanDll," was discovered on January 30 and is said to be still in development, said cybersecurity firmSource...

Continuar lendo

Beware of ‘Coronavirus Maps’ – It’s a malware infecting PCs to steal passwords

Cybercriminals will stop at nothing to exploit every chance to prey on internet users. Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks. Reason Cybersecurity recently released a threat analysis report detailing a new attack that takes advantage of internet users'Source...

Continuar lendo

US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employedSource...

Continuar lendo

Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten," the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectorsSource...

Continuar lendo

Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts toSource...

Continuar lendo