A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called “more_eggs.”
To increase the odds of success, the phishing lures use malicious ZIP archive files named after the victims’ job titles, as taken from their LinkedIn profiles.
“For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the ‘position’ added to the end),” cybersecurity firm eSentire’s Threat Response Unit (TRU) said in an analysis. “Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs.” Read more »
First discovered in 1998, SQL injections (SQLi) are still a devastatingly effective attack technique and remain a top database security priority.
SQL, or Structured Query Language, is the command-and-control language for relational databases such as Microsoft SQL Server, Oracle, IBM DB2 and MySQL. In modern web development, relational databases are a critical resource on the back end of web applications and content management systems built with PHP, .NET, Java EE, Hibernate, SQLite, or other technologies.
Given that most websites are built on data in a database server, a malicious SQL injection can be lethal. Attackers can access sensitive information, modify web content, and in catastrophic cases, delete your data. Read more »
VMware has published security updates to address a high-severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers.
vRealize Operations is an AI-powered and “self-driving” IT operations management platform for private, hybrid, and multi-cloud environments, available as an on-premises or SaaS solution.
The vulnerability was discovered and reported to VMware by Positive Technologies web security researcher Egor Dimitrenko. Read more »
Ransomware attacks are one of the most serious types of threats that most organizations face today.
Read more »
Popular npm library netmask has a critical networking vulnerability.
netmask is frequently used by hundreds of thousands of applications to parse IPv4 addresses and CIDR blocks or compare them.
The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads over its lifetime. Further, about 278,000 GitHub repositories depend on netmask.
The bug means that when netmask parses an IP address with a leading zero, it sees a different IP because of improper input validation. Read more »