New Banking malware called “DanaBot” actively attacking various counties organization with sophisticated evasion technique and act as a Stealer and ability to gain remote access from targeted victims machine. DanaBot content some evasion technique such as extensive anti-analysis features and targeting various countries including Poland, Italy, Germany, and Austria, Australia and mainly targeting organization in the U.S. DanaBot is a banking malware written in the Delphi...
Read More
Yesterday we reported on a phishing attack that utilizes the Azure Blob storage solution in order to have login forms secured by a Microsoft issued SSL certificate. After reviewing the URLs utilized by the same attacker, BleepingComputer noticed that these same bad actors are also utilizing the Cloudflare IPFS gateway for the same purpose. Last month Cloudflare released an IPFS gateway that allows users to access content stored on the IPFS distributed file...
Read More
Description: The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201810.mbox/%3c4cf697b0-db03-9eab-f2aa-54c2026d0e88@apache.org%3e
Description: VMware has released a security update to address a vulnerability in AirWatch Console. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0024.html
Description: Apple has released security updates to address vulnerabilities in iCloud for Windows and iOS. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT209141 https://support.apple.com/en-us/HT209162
Description: Cisco has released several updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
Description: Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. The updates below are available for these Mac models: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013, Mid 2010, and Mid 2012 models...
Read More
Security expert discovered a critical vulnerability in iOS 12 which could allow attackers to access photos and contacts on a locked iPhone. Jose Rodriguez, a tech expert, discovered a passcode bypass vulnerability on the iOS 12 and latest iOS 12.1 beta operating systems. According to Rodriquez, the hack works on the latest iPhone XS and some of the other models also. The flaw allows attackers...
Read More
Researchers have discovered a critical vulnerability that allegedly affects multiple Linux distros. The vulnerability named Mutagen Astronomy allows an attacker to gain complete control of a targeted system through root access. This Linux vulnerabilityadversely impacts all current versions of Red Hat, Debian, and CentOS distributions. Mutagen Astronomy – Vulnerability Giving Root Access To Hackers Researchers at Qualys have discovered a critical security vulnerability that adversely affects...
Read More
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings on an infected device, allowing attackers to route the users’...
Read More
