Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Malware and Vulnerabilities

The application allows both internal and external account logins and uses for authentication a JSON Web Token (JWT) that specifies an email address cleared for manually defined user accounts, security researcher Evan Connelly explains.

 Breaches and Incidents

The cyberattack was detected on Friday evening (07-04-2023), and security measures were immediately heightened. Currently, experts are combing through the municipality’s servers to determine whether any sensitive information has been accessed.

 Malware and Vulnerabilities

The attackers use a bot called uhQCCSpB that installs and launches a Monero miner on the infected machine. After killing all other miners on the device, the attacker uses two different strategies to maximize access to the compromised Linux machine.

 Threat Actors

Google’s TAG identified a new campaign by the North Korean ARCHIPELAGO threat cluster (aka APT43) targeting U.S. and South Korean governments, think tanks, military personnel, academics, policymakers, and researchers. Most notably, ARCHIPELAGO used fraudulent Google Chrome extensions in combination with phishing and malware to harvest sensitive data.

 Feed

Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day flaws that are being exploited in the wild. The two vulnerabilities are as follows - CVE-2023-28205 - A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. CVE-2023-28206 - An out-of-bounds write issue in

 Feed

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on

 Feed

The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That's according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed 

 Feed

Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agencies of the matter. That said, MSI did not disclose any specifics about when the attack took place

2023-04
Aggregator history
Saturday, April 08
SAT
SUN
MON
TUE
WED
THU
FRI
AprilMayJune