FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

By Newsroom — December 21st 2023 at 07:22
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's
☐ ☆ ✇ The Hacker News

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

By Newsroom — December 19th 2023 at 06:58
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated
☐ ☆ ✇ The Hacker News

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

By Ravie Lakshmanan — May 18th 2023 at 09:31
The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands
☐ ☆ ✇ The Hacker News

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

By Ravie Lakshmanan — May 2nd 2023 at 05:35
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted
☐ ☆ ✇ The Hacker News

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

By Ravie Lakshmanan — March 9th 2023 at 08:10
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with the successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell script that contains ScrubCrypt. Crypters are a type of software that can encrypt,
❌