Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that Read more…

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker Read more…

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of Read more…

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 (CVSS score: 9.8) Read more…

DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack

DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack

DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. ‚ÄúDuring this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open Read more…

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can Read more…