
Tag Archives: Cisco Talos

Cisco Talos: Cybercriminals, like Dr. Frankenstein, assemble attack malware from various components


The cybercrime group behind the series of targeted attacks in January-April 2019 uses malicious tools assembled from available, free components to steal credentials. Researchers at Cisco Talos called this malware campaign “Frankenstein” because the group skillfully pieced together unrelated components and used four different techniques during the operation. “We assess that this activity was hyper-targeted given that there was

Read more »

Keylogger Hawkeye reborn in a second version and again attacking businesses


Researchers from X-Force, IBM's cybersecurity division, reported malware spam campaigns in which criminals send the Hawkeye keylogger to the email addresses of employees at industrial companies around the world. For two months, attackers spread the software among employees of companies that work in logistics, healthcare, marketing and agriculture. “In the cybercrime arena, most financially motivated threat actors are focused on businesses because that

Read more »

Researchers describe new tools of the MuddyWater cybercriminal group


The espionage-focused MuddyWater group, also known as SeedWorm and TEMP.Zagros, has added to its set of techniques, tactics and procedures new methods that allow it to keep remote access to infected systems while remaining unnoticed. The group first became known in 2017, when it attacked Middle Eastern organizations; however, later it included governmental and military companies in Central

Read more »

Alpine Docker images shipped with an empty password for the “root” user


Security researchers from Cisco disclosed details of vulnerability CVE-2019-5021 in builds of the Alpine distribution for the Docker container isolation system. The essence of the problem is that the “root” user had an empty password set by default, without direct login as “root” being blocked. “Due to the nature of this issue, systems deployed using affected versions of the Alpine

Read more »

Researchers from Cisco Talos found a vulnerability in the SQLite DBMS


Vulnerability CVE-2019-5018 was detected in the SQLite DBMS; it allows code execution on the system if it is possible to execute a SQL query prepared by an attacker. The problem arises from the SQLite 3.26 branch. “SQLite implements the Window Functions feature of SQL, which allows queries over a subset, or “window,” of rows. This specific vulnerability lies in that “window” function”, - …

Read more »

Cybercriminals who conducted the DNSpionage campaign are now armed with new malware


The cybercriminal group responsible for the DNSpionage operation has become more selective in choosing victims and has armed itself with new malware, Karkoff, to improve the effectiveness of its cyberattacks. According to FireEye, the DNSpionage campaign began at the end of April 2017, and the cybercriminals responsible for it act in the interests of the Iranian government. In the previous attacks, with the use of fake

Read more »