Author Archives: CSIRT

from www.securityweek.com A newly identified piece of malware is being distributed embedded in tax payment software that some businesses operating in China are required to install. Dubbed GoldenSpy, the malware was observed as part of a campaign that supposedly started in April 2020, but some of the identified samples suggest the threat has been around […]

from www.helpnetsecurity.com Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins use for maintenance.” And while they are not the initial entrance point in […]

from thehackernews.com With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks’ Unit 42 threat intelligence team, […]

from threatpost.com Several high-severity flaws in Nvidia’s GPU display drivers for Windows users could lead to code-execution, DoS and more. Graphics chipmaker Nvidia has fixed two high-severity flaws in its graphics drivers. Attackers can exploit the vulnerabilities to view sensitive data, gain escalated privileges or launch denial-of-service (DoS) attacks in impacted Windows gaming devices. Nvidia’s […]

from threatpost.com A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability. A new version of a known malware campaign aimed at installing cryptominers has changed up its tactics, adding attacks on Windows servers and a new pool of exploits to its bag of tricks. It is also […]