Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows – Tempemail

Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. “Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code Continue Reading

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit – Tempemail

Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices. “These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific Continue Reading

New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures – Tempemail

As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks. Industrial cybersecurity firm Claroty, which discovered the flaws, said flaws Continue Reading

Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack – Tempemail

Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with “high confidence” to a threat actor operating out of China. In mid-July, the Texas-based company remedied a remote code execution flaw (CVE-2021-35211) that was rooted Continue Reading

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor – Tempemail

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken place between late June to late July Continue Reading

Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet Attacks – Tempemail

The operators of the Mozi IoT botnet have been taken into custody by Chinese law enforcement authorities, nearly two years after the malware emerged on the threat landscape in September 2019. News of the arrest, which originally happened in June, was disclosed by researchers from Netlab, the network research division Continue Reading

Iranian Hackers Target Several Israeli Organizations With Supply-Chain Attacks – Tempemail

IT and communication companies in Israel were at the center of a supply chain attack campaign spearheaded by an Iranian threat actor that involved impersonating the firms and their HR personnel to target victims with fake job offers in an attempt to penetrate their computers and gain access to the Continue Reading

Does a VPN Protect You from Hackers? – Tempemail

A virtual private network (VPN) is the perfect solution for a lot of issues you might experience online- accessing blocked sites, hiding your browsing activity, getting rid of internet throttling, finding better deals, and much more. But does a VPN protect you from hackers? Is your private information and files Continue Reading

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware – Tempemail

A North Korean threat actor has been discovered taking advantage of two exploits in Internet Explorer to infect victims with a custom implant as part of a strategic web compromise (SWC) targeting a South Korean online newspaper. Cybersecurity firm Volexity attributed the attacks to a threat actor it tracks as Continue Reading