Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances – OfficialSarkar

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances – OfficialSarkar

Sep 11, 2024Ravie LakshmananNetwork Security / Hacking The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by…

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe – OfficialSarkar

A “simplified Chinese-speaking actor” has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization (SEO) rank manipulation. The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimology footprint scattered across Thailand, India, Korea, Belgium, the Netherlands,…

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate – OfficialSarkar

Sep 11, 2024Ravie LakshmananCyber Crime / Hacking The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9,…

Lazarus Group Uses Fake Coding Tests to Spread Malware – OfficialSarkar

Sep 11, 2024Ravie LakshmananMalware / Software Development Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher…

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities – OfficialSarkar

Sep 11, 2024Ravie LakshmananEnterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows…

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws – OfficialSarkar

Sep 11, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,…

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub – OfficialSarkar

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved,” ESET researcher Jakub…

New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers – OfficialSarkar

A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the “audio gap” and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen. “Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0…

The Invisible Gateway to SaaS Data Breaches – OfficialSarkar

Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of software that the company is already using. For…