The US CISA, FBI, DoD cyber security experts: The aim is to maintain a presence on victim networks and to further network exploitation. The RAT is installed as a DLL and includes 2 files.
The cyber security experts: They are COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH: a RAT and two trojans. Last February, six other HIDDEN COBRA malicious codes were discovered.
CVE-2020-0796 affected Server Message Block 3.1.1 (SMBv3). It could enable remote and arbitrary code execution, potentially allowing an attacker to take control of the system. Moreover, it was wormable.
It covers the flaw in Application Delivery Controller (ADC) and Gateway. It’s imperative to install it now. Meanwhile, cybercrime tried to exploit it, also with fake security tools such as NOTROBIN.
The zero-day flaw has already been exploited by cybercrime to launch attacks. However, on January 20 the company will release new versions that will patch it.
US Agency: Threat actors continue to exploit CVE-2019-11510. They may be able to gain access to all active users and their plain-text credentials, and also execute arbitrary commands.
BuzzFeed: People spread false, unverified information about the missile attack on US bases in Iraq. Tehran’s hackers will also try to hit American ICS with wiper attacks and spy on the enemy.
US CISA, FBI and DoD cyber security experts: The HIDDEN COBRA malware collects system information about the victim machine including OS Version, Volume Information and System Time.
The cyber security experts warn: the phenomenon is on the rise worldwide, be careful when online dating, and never send money or gifts to someone you have not met in person.