exploit
Blog
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs
Volt Typhoon, a Chinese state-sponsored hacking group, has been caught exploiting a zero-day vulnerability in Versa Director servers, used by managed service providers and internet service providers. CVE-2024-39717 was added to CISA’s “Known Exploited Vulnerabilities Catalog” on Aug. 23 after Lumen Technologies discovered its active exploitation. Data from Censys shows that there are 163 devices in the U.S., Philippines, Shanghai,…
Blog
North Korean hackers exploit Chrome zero-day to deploy rootkit
North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. “We assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain,” Microsoft said on Friday, attributing the attacks…
Blog
Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns
A new report from cybersecurity company Netskope reveals details about attack campaigns abusing Microsoft Sway and Cloudflare Turnstile and leveraging QR codes to trick users into providing their Microsoft Office credentials to the phishing platform. These campaigns have targeted victims in Asia and North America across multiple segments led by technology, manufacturing, and finance. What is quishing? QR codes are…
Blog
US offers $2.5 million reward for hacker linked to Angler Exploit Kit
The U.S. Department of State and the Secret Service have announced a reward of $2,500,000 for information leading to Belarusian national Volodymyr Kadariya (Владимир Кадария) for cybercrime activities. The 38-year-old man is wanted for his participation in various malware and online scam operations, including the Angler Exploit Kit, for which he managed malvertising operations between October 2013 and March 2022.…
Blog
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university’s Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). CVE-2024-4577 is a critical PHP-CGI argument injection flaw patched in June that impacts PHP installations running on Windows systems with PHP running in CGI mode. It allows unauthenticated attackers to execute arbitrary code…