Malware analysis is an important part of a security researcher’s job. However, working with malicious samples is dangerous. You need a dedicated tool to record your activity and a safe environment to prevent unintentional damage. However, manual lab setup and…
A ransomware gang known as Clop has been observed exploiting a pre-authentication command injection vulnerability (CVE-2023-0669) in Fortra’s file transfer solution GoAnywhere MFT. According to a new advisory from CloudSEK security experts, the high-level vulnerability has a CVSS:3.1 score of…
The emergence of smart mobility services and applications has seen a surge in the use of APIs in the automotive industry. However, this growing reliance on APIs also makes them one of the most common attack vectors. According to Gartner,…
Google’s Threat Analysis Group (TAG) has revealed that it tracks more than 30 commercial spyware vendors that facilitate the spread of malware by government-sponsored attackers. TAG’s Clement Lecigne said in a blog post published today that these vendors are arming…
March 29, 2023Rabbi LakshmananZero-day/mobile security Google’s Threat Analysis Group (TAG) has revealed that a number of zero-day vulnerabilities addressed last year were exploited by commercial spyware vendors to target Android and iOS devices. Two different campaigns were limited and targeted,…
According to Microsoft, the proliferation of workload identities, superadministrators, and “over-permissions” are increasing cyber risks for organizations operating cloud infrastructure. tech giant The State of Cloud Permission Risk in 2023 The report calculates that over 40,000 permissions could be granted…
March 29, 2023Rabbi LakshmananLinux / Cyber threats An unidentified Chinese government-sponsored hacking group is linked to new malware targeting Linux servers. French cybersecurity firm ExaTrack discovered and dubbed three previously documented samples of malicious software dating back to early 2022.…
Some big names in the IT industry have announced a set of new principles that they hope will help thwart the threat of “cybermercenaries.” The Cybersecurity Tech Accord, an industry association, uses the term to describe a growing number of…
March 29, 2023Rabbi LakshmananCryptocurrency/Malware Since September 2022, a trojanized installer for the TOR anonymous browser has been used in clipper malware designed to siphon cryptocurrencies, targeting users in Russia and Eastern Europe. “Clipboard Injector […] Vitaly Kamluk, Director of Kaspersky’s…
A vulnerability in ChatGPT could expose payment-related information for some customers of the AI tool and reveal titles from the chat history of some active users, OpenAI has revealed . In a blog post published March 24, 2023, the company…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
