Critical Oracle WebLogic flaw actively exploited to install Cobalt Strike, cryptominers
Over the weekend the researchers detected a campaign, which was using a chain of Powershell obfuscated scripts to download Cobalt Strike.
Cybersecurity News - Page 341
Italian beverage company Campari suffers a Ragnar Locker ransomware attack
The Ragnar Locker gang claims to have stolen 2 TB of unencrypted files during the attack and demands a $15 million ransom.
New APT takes a different spin on DLL side-loading
The group combines script-kiddie messages and advanced deployment and targeting techniques in attacks.
Japanese gaming giant Capcom discloses a cyber-attack
The incident involved an unauthorized access carried out by a third party, the company said.
REvil ransomware gang reportedly buys KPot infostealer source code
The malware was put up for auction, with a starting price of $6,500.
Malicious “Twilio-npm” package established backdoors on users’ computers
The malicious code discovered in the tainted Twilio library opened a TCP reverse shell on all machines where the library was downloaded.
New hacker group infiltrates corporate networks using Oracle Solaris zero-day bug
The vulnerability is being used to bypass authentication procedures and install a backdoor dubbed SLAPSTICK on internet-exposed Solaris servers.
Google addresses second Chrome zero-day in two weeks
A separate zero-day bug has been fixed in Chrome for Android.
Oracle releases emergency update for RCE flaw in Oracle WebLogic
CVE-2020-14750 is related to another WebLogic vulnerability patched as part of the October 2020 Critical Patch Update, which is already being targeted by cybercriminals.
UK watchdog fines Marriott International £18.4m over customer data breach
The penalty only relates to the breach from March 25, 2018, when new rules under the General Data Protection Regulation came into effect.
Showing elements 3401 - 3410