ZuoRAT Hijacks SOHO Routers From Cisco, Netgear
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly....
New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as...
How Vulnerability Management Has Evolved And Where It’s Headed Next
The blocking and tackling work of scan management is becoming a commodity, writes Lisa Xu, the CEO of NopSec in this Expert Insight. What organizations need now is complete visibility of...
Do back offices mean backdoors?
War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture The post Do back offices mean backdoors? appeared first on WeLiveSecurity
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers
A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the...
CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), came to...
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn....
ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks
A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks. The malware "grants the...
Overview of Top Mobile Security Threats in 2022
Your smartphone is your daily companion. The chances are that most of our activities rely on them, from ordering food to booking medical appointments. However, the threat landscape always reminds us...
APT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor
Entities located in Afghanistan, Malaysia, and Pakistan are in the crosshairs of an attack campaign that targets unpatched Microsoft Exchange Servers as an initial access vector to deploy the ShadowPad malware. Russian...