Hacking Archives - Page 5 of 16

Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers

These add too many other unique, non-Babuk-based ransomware strains targeting VMware ESXi virtual machines discovered in the wild for several years

13 May

Fake in-browser Windows updates push Aurora info-stealer malware

Advertised as an info stealer with extensive capabilities and low antivirus detection

11 May

New Cactus ransomware encrypts itself to evade antivirus

Researchers found that Cactus obtains initial access into the victim network by exploiting known vulnerabilities in Fortinet VPN appliances

8 May

Fortinet Patches High-Severity Vulnerabilities in FortiADC, FortiOS

An attacker could exploit the bug via crafted arguments to existing commands, allowing them to execute unauthorized commands

5 May

New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

Users may be manipulated into downloading and executing the malware under the guise of legitimate software

5 May

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device

29 April

Linux version of RTM Locker ransomware targets VMware ESXi servers

Ransomware operations have followed this trend and created Linux encryptors dedicated to targeting ESXi servers to encrypt all data used by the enterprise properly

29 April

Cisco discloses XSS zero-day flaw in server management tool

Successful exploitation enables unauthenticated attackers to launch cross-site scripting attacks remotely but requires user interaction

27 April

Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products

With Cisco and VMware appliances turning out to be lucrative targets for threat actors, it's recommended that users move quickly to apply the updates to mitigate potential threats

21 April