exploits

  • Blog

    New Web3 attack exploits transaction simulations to steal crypto

    Threat actors are employing a new tactic called “transaction simulation spoofing” to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. The attack, spotted by ScamSniffer, highlights a flaw in transaction simulation mechanisms used in modern Web3 wallets, meant to safeguard users from fraudulent and malicious transactions. How the attack works: Transaction simulation is a feature that allows…

  • Blog

    New Mirai botnet targets industrial routers with zero-day exploits

    A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of previously unknown vulnerabilities started in November 2024, according to Chainxin X Lab researchers who monitored the botnet’s development and attacks. One of the security issues is CVE-2024-12856, a vulnerability in Four-Faith industrial routers…

  • Blog

    New DoubleClickjacking attack exploits double-clicks to hijack accounts

    A new variation of clickjacking attacks called “DoubleClickjacking” lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types of attacks. Clickjacking, also known as UI redressing, is when threat actors create malicious web pages that trick visitors into clicking on hidden or disguised webpage elements. The attacks work by overlaying a legitimate webpage in…

  • Blog

    New botnet exploits vulnerabilities in NVRs, TP-Link routers

    A new Mirai-based botnet is actively exploiting a remote code execution vulnerability that has not received a tracker number and appears to be unpatched in DigiEver DS-2105 Pro NVRs. The campaign started in October and targets multiple network video recorders and TP-Link routers with outdated firmware. One of the vulnerabilities used in the campaign was documented by TXOne researcher Ta-Lun Yen and presented last…

  • Blog

    BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

    The recently uncovered ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware. This is confirmed by firmware security firm Binarly, which discovered LogoFAIL in November 2023 and warned about its potential to be used in actual attacks. Bootkitty and LogoFAIL connection: Bootkitty was discovered by ESET, who published a report last…

  • Blog

    Botnet exploits GeoVision zero-day to install Mirai malware

    A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piotr Kijewski of The Shadowserver Foundation. It is a critical severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers to execute arbitrary system commands…

  • Blog

    Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

    The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. The activity was discovered by Google’s Threat Analysis Group (TAG), who said the n-day flaws have already been patched but remain effective on devices that have not been…

  • Blog

    Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

    The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function of the cameras,…

  • Blog

    Hackers are flocking to a new SMS spam tool – ‘Xeon Sender’ exploits cloud APIs and exposed credentials to supercharge phishing campaigns

    Security researchers have issued a warning over a phishing tool that threat actors can use via SaaS providers to send spam messages en masse. The tool, dubbed ‘Xeon Sender’ by SentinelLabs, is a cloud-based attack tool that can send spam messages via nine different SaaS providers. The tool is also known by alternative names, including ‘XeonV5’ and ‘SVG Sender’. It’s built…
