Security researchers employed by Microsoft have recently spotted a variant of the Sysrv botnet. They have dubbed the new variant Sysrv-K. This new variant works in two ways. First, it exploits a flaw in the Spring Cloud Gateway that allows remote code execution (tracked as CVE-2022-22947). Second, the botnet scans …
You Might Need This HP Bios Security Update
HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company. In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being …
Update Zyxel Products To Fix Possible Security Vulnerability
Do you use a Zyxel firewall? If so, there’s good news. The company has fixed an issue you may not have even been aware that you had. The company pushed out the fix in a silent update a little over two weeks ago, but when they implemented the push, they …
New Method Hides Malware In Windows Event Logs
At least one group of hackers has learned a new trick you need to be aware of. Security researchers at Kapersky Lab have discovered a malicious campaign-in-progress that is using event logs to store malware. That is a technique that has not been seen or documented until now. This new …
Beware Of New Backdoor Malware Targeting Linux Users
The name Kevin Beaumont may not be familiar to you, but if you’re a Linux or Solaris user, he may have just saved you a whole lot of grief. Recently, Mr. Beaumont discovered a stealthy backdoor malware that has been quietly infecting Linux and Solaris SPARC systems for more than …
New Phishing Scams Using Twitter Account Emails
Hackers around the world are increasingly targeting verified Twitter accounts with emails designed to pilfer your Twitter login credentials. Verified Twitter accounts differ from standard Twitter accounts in that they sport a large blue check mark next to the user’s name, which indicates that the person who owns the account …
Tricky Ransomware Encrypts Small Data But Overwrites Large Data
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the …
Popular Service Being Used To Send Phishing Emails
Google SMTP relay service is wildly popular and used every day by legions of users. Unfortunately, hackers around the world are aware of this and increasingly they’ve begun abusing the SMTP relay service. The basic idea is as follows. Some clever hackers have figured out that they can bypass email …
Security Warnings Coming To Certain Google Apps To Help Users
Google has been making some fantastic changes to bolster user security in recent weeks. That includes changes to their Google Play Store that will require developers to disclose exactly what data they plan to track and collect when users install the apps they create. In a related vein, the tech …
New Delivery Method For Ransomware Discovered Called Bumblebee
Some interesting and disturbing changes are afoot in the hacking world. It appears that the TrickBot gang is now working for the Conti Syndicate. TrickBot is a well-known group of botnet developers responsible for the creation of the BazarLoader. BazarLoader has been used by Conti in the past as their …