FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

By THN — July 17th 2023 at 09:04
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from
☐ ☆ ✇ The Hacker News

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

By Ravie Lakshmanan — April 24th 2023 at 06:36
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment checking and Anti-VM functions. Its primary purpose seems to be to
☐ ☆ ✇ The Hacker News

New GoTrim Botnet Attempting to Break into WordPress Sites' Admin Accounts

By Ravie Lakshmanan — December 14th 2022 at 14:12
A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of targeted systems. "This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ':::trim:::' to split data communicated to and from the C2 server," Fortinet FortiGuard Labs researchers Eduardo
☐ ☆ ✇ The Hacker News

Royal Ransomware Threat Takes Aim at U.S. Healthcare System

By Ravie Lakshmanan — December 12th 2022 at 07:57
The U.S. Department of Health and Human Services (HHS) has cautioned of ongoing Royal ransomware attacks targeting healthcare entities in the country. "While most of the known ransomware operators have performed Ransomware-as-a-Service, Royal appears to be a private group without any affiliates while maintaining financial motivation as their goal," the agency's Health Sector Cybersecurity
☐ ☆ ✇ The Hacker News

New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network

By Ravie Lakshmanan — December 7th 2022 at 04:03
A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen security vulnerabilities in the internet of things (IoT) devices and other software. The botnet "contains several modules, including self-replication, attacks for different protocols, and self-propagation," Fortinet FortiGuard Labs researcher Cara Lin said. "It also
☐ ☆ ✇ The Hacker News

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

By Ravie Lakshmanan — October 11th 2022 at 06:21
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 (CVSS score: 9.6), the flaw relates to an authentication bypass in FortiOS, FortiProxy, and FortiSwitchManager that could allow a remote attacker to perform unauthorized operations on the administrative
❌