persistent malware – Threat Note

Vulnerabilities

From Cybersecurity Help – China-nexus hackers UNC3886 target Juniper MX routers with custom backdoors

The group first gained access to a target network through a terminal server used for managing devices. Read More

shaikh Saqib March 12, 2025

News

From The Hacker News – Defending against USB drive attacks with Wazuh

USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization's reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to

shaikh Saqib March 5, 2025

News

From Cyber Security News – Hackers Attacking 4000+ ISPs With New Malware for Remote Access

Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The…

shaikh Saqib March 4, 2025

News

From The Hacker News – Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that facilitate data exfiltration as well as offer

shaikh Saqib March 4, 2025

News

From The Hacker News – PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices

A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

shaikh Saqib February 27, 2025

News

From The Hacker News – Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that's capable of stealing sensitive payment information from online shopping sites. The attacks are known to

shaikh Saqib February 18, 2025

News

From Security Week – Russian State Hackers Target Organizations With Device Code Phishing

[[{"value":"Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first…

shaikh Saqib February 17, 2025

News

From Cyber Security News – Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB

Multiple vulnerabilities in enterprise-grade Xerox Versalink C7025 multifunction printers (MFPs) enable attackers to intercept authentication credentials from Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) services. Designated as…

shaikh Saqib February 17, 2025

News

From Cyber Security News – Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely

A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This attack chain allows remote…

shaikh Saqib February 17, 2025