Cybersecurity News - Page 266

With this vulnerability hackers can achieve remote code execution on vulnerable systems with minimal user interaction.

The open AWS bucket contained almost 23M files including flight charts, navigation materials, and crew PII, including photos and signatures.

The suspects allegedly used the Agent Tesla RAT to reroute financial transactions and steal confidential details from corporate organizations.

To receive the decryption tool victims are asked to perform three socially driven activities, including giving blanket donations to the homeless and feeding poor children.

GitHub said it is confident that the attackers did not alter any published packages in the registry, or publish any new versions to existing packages.

The group targeted the Austrian Economic Chamber, the Baltic Defense College, and a NATO platform for cyber-espionage purposes.

The suspect registered 240 domains, 50 of which were used as command-and-control domains for the ISRStealer, Pony, and LokiBot malware.

Social Security numbers and driver’s license details weren’t compromised, the company said.

In both cases the attacker appears to have taken over packages that have not been updated in a while.

The security researchers have warned that the gang hasn’t gone anywhere, but simply split into smaller, more novel brands.