In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.
The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages.
“Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in
“Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction
Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
Microsoft warns of blue screen crashes caused by April updates
Microsoft warned customers this week that their systems might crash with a blue screen error caused by a secure kernel fatal error after installing Windows updates released since March. […]
Critical Vulnerability Found in Apache Roller Blog Server
A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes.
The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek.
Microsoft Warns of Node.js Abuse for Malware Delivery
In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads.
The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek.
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024.
“The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published earlier in
“The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published earlier in
Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities
Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities.
The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek.
Microsoft: Some devices offered Windows 11 upgrades despite Intune blocks
Microsoft is working to fix an ongoing issue causing some users’ Windows devices to be offered Windows 11 upgrades despite Intune policies preventing them. […]
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
Intro: Why hack in when you can log in?
SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and
SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and