Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection – Security Affairs

Hackers exploit an Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploiting a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud …

Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader

A malicious actor is increasingly using trusted Internet resources, such as the Internet Archive, to distribute covert malware components, a worrying escalation in cyber threats. This tactic exploits the inherent trust placed in these platforms, allowing attackers to bypass traditional security filters and deliver payloads under the guise of …

Europol confirms that Qilin ransomware reward is fake

Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. “We were also surprised to see this story gaining traction,” Europol told BleepingComputer on Monday. “The announcement didn’t come …

MuddyWater APT Targets CFOs via OpenSSH; Enables RDP and Scheduled Tasks

A sophisticated spear-phishing campaign attributed to the Iran-linked MuddyWater APT group is actively compromising CFOs and finance executives across Europe, North America, South America, Africa and Asia. The attackers impersonate recruiters from Rothschild & Co, deploying Firebase-hosted phishing pages that embed CAPTCHA challenges based on …

Paper Werewolf Exploits WinRAR Zero-Day Vulnerability to Deliver Malware

Cyber spies associated with the Paper Werewolf threat actor group have demonstrated advanced capabilities by bypassing email security filters, delivering malware through seemingly legitimate archive files, a tactic that exploits how commonplace such attachments are in business correspondence. Despite their sophistication, these attackers continue to rely on tactics …

Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw

A seven-year-old vulnerability affecting end-of-life Cisco network devices is being exploited by a Russian state-sponsored cyber espionage group. Cisco Talos stated that the group, known as Static Tundra, has been observed compromising Cisco devices for several years. The Russia-aligned hacking group has been exploiting a previously disclosed vulnerability in the Smart Install feature of Cisco IOS software …

Microsoft asks customers for feedback on SSD failure issues

Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state drives (SSDs) and hard disk drives (HDDs) after installing the August 2025 security update. Microsoft told BleepingComputer on Wednesday that it is aware of reports that installing the KB5063878 security update is causing SSD and HDD data corruption …

Colt Admits Customer Data Likely Stolen in Cyber-Attack

Colt Technology Services has confirmed that cybercriminals could leak customer data. This is despite previously claiming the recent cyber incident targeted an internal system separate from its customers’ infrastructure. On August 14, the British telecommunications giant said it had taken some systems offline in response to a “cyber incident” that targeted an “internal system” that …

Oregon Man Charged in Rapper Bot DDoS-for-Hire Case

A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire botnet, which was allegedly used to launch multi-terabit attacks across 80+ countries. Rapper Bot is alleged to administer large-scale DDoS-for-hire attacks averaging two to three terabits (Tb) in size and targeting victims in over 80 countries, according to a 19 August update …

Why Certified VMware Pros Are Driving the Future of IT

By Brenda Emerson, VMUG President

IT isn’t getting any simpler. For many, the cloud’s gone hybrid, AI’s moved in permanently, and security threats seem to evolve faster than the tech built to stop them. But what’s at the forefront of all of this? People. The IT teams configuring, troubleshooting, deploying, and defending. And the IT …