Author Archives: CSIRT

from www.helpnetsecurity.com Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins use for maintenance.” And while they are not the initial entrance point in […]

from thehackernews.com With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks’ Unit 42 threat intelligence team, […]

from threatpost.com Several high-severity flaws in Nvidia’s GPU display drivers for Windows users could lead to code-execution, DoS and more. Graphics chipmaker Nvidia has fixed two high-severity flaws in its graphics drivers. Attackers can exploit the vulnerabilities to view sensitive data, gain escalated privileges or launch denial-of-service (DoS) attacks in impacted Windows gaming devices. Nvidia’s […]

from threatpost.com A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability. A new version of a known malware campaign aimed at installing cryptominers has changed up its tactics, adding attacks on Windows servers and a new pool of exploits to its bag of tricks. It is also […]

from www.bankinfosecurity.com A hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges over the past two years, the security firm ClearSky Cyber Security reports. The CryptoCore gang has used spear-phishing emails and social engineering techniques to target employees and executives at cryptocurrency exchanges, mainly in the U.S. […]