Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Source Code of New ‘CodeRAT’ Backdoor Published Online
The developer of the new ‘CodeRAT’ backdoor has released their malware’s source code online after being confronted by security researchers, cybersecurity firm SafeBreach reports.
The new remote access trojan (RAT) was seen being deployed via a malicious Word document carrying a Dynamic Data Exchange (DDE) exploit.
QNAP Warns of New ‘Deadbolt’ Ransomware Attacks Targeting NAS Users
Taiwanese network-attached storage (NAS) solutions provider QNAP Systems over the weekend issued a fresh warning of new Deadbolt ransomware attacks targeting its NAS users.
Deep Dive Into Ragnar Locker Ransomware Targeting Critical Industries
Analysis of Ragnar Locker Ransomware that has been targeting the energy sector
Ransomware Attacks Target Government Agencies in Latin America
Several government agencies in Latin America were targeted in ransomware attacks in the past months, and the latest victims are Chile and the Dominican Republic.
Academics Devise Open Source Tool For Hunting Node.js Security Flaws
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Malicious Plugins Found on 25,000 WordPress Websites: Study
Researchers at Georgia Institute of Technology have identified malicious plugins on tens of thousands of WordPress websites.
Atlassian Ships Urgent Patch for Critical Bitbucket Vulnerability
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center product.
The vulnerability carries a CVSS severity score of 9.9 out of 10 and can be exploited remotely to launch code execution attacks, Atlassian said.
Ransomware Operator Abuses Anti-Cheat Driver to Disable Antiviruses
A vulnerable anti-cheat driver for the Genshin Impact video game has been abused by a threat actor to disable antivirus programs to facilitate the deployment of ransomware, cybersecurity firm Trend Micro reports.
New ‘Agenda’ Ransomware Customized for Each Victim
Cybersecurity company Trend Micro is raising the alarm on a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa.
Written in the Golang (Go) cross-platform programming language, the threat has the ability to reboot systems in safe mode and to stop server-specific processes and services.
