Cybersecurity, new zero-day vulnerability on Windows despite the last patch
Abdelhamid Naceri discovered a flaw, which bypass the CVE-2021-41379 security update. It allows a privilege escalation to admin level.
Cyber Espionage, an APT used at least 11 zero-days exploits in less than a year
The cybersecurity expert Maddie Stone: It used “watering hole” attacks to redirect specific targets to a pair of exploit servers delivering malware on Windows, iOS, and Android.
Cybercrime, Microsoft released “One-Click Mitigation Tool” on Exchange Servers vulnerabilities
The cybersecurity experts: Customers will automatically mitigate CVE-2021-26855 on any server on which it is deployed. However, it’s not a replacement for the patch.
Cybercrime, the DearCry ransomware exploits the Microsoft Exchange Server vulnerabilities
Palo Alto Networks cybersecurity experts: The malware uses AES-256 and RSA-2048 to encrypt files, and the ransom note includes 2 email addresses to contact for pay.
Cybercrime, new Golang worm drops XMRig cryptominer on Linux-Windows
Intezer cybersecurity experts: The malware can easily maneuver from one platform to the other, and it targets public facing services.
Cybercrime, Gitpaste-12 is back with more exploits and targets
Juniper Networks cybersecurity experts: The malware, a worm, is hosted in a new GitHub repository. It attacks Windows, Linux, IoT devices and more.
Cybercrime, the new ransomware RegretLocker targets Windows VMs
The cybersecurity experts: The malware doesn’t contain a long-winded ransom note and uses email for communication. It encypts files with .mouse extention.
Cybercrime, Lucifer campaign is evolving and will continue
Check Point cyber security experts: The Windows crypto miner and DDOS hybrid malware now is multi-platform and multi-architecture, targeting Linux and IoT devices.
Cybercrime, Lucifer now targets also Linux systems
Netscout cyber security experts: The cryptojacking and DDoS malware includes additional tools and a port to the operating system. The bot supports TCP, UCP, ICMP, and HTTP-based attacks.
Cyber Security, BootHole put Windows and Linux devices at risk
Eclypsium: It’s a vulnerability in the GRUB2 bootloader, that hit devices using Secure Boot. Attackers can install persistent and stealthy bootkits or malware.