Evilnum hackers use the same malware supplier as FIN6, Cobalt

Filed under Security Alerts.

Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. The group has been active since at least 2018 and focuses on companies from the financial technology sector that offer trading and investment platforms. Taking…

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Filed under Security Alerts.

Admins should patch their Citrix ADC and Gateway installs immediately. Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker. The Citrix products (formerly known as NetScaler ADC…

PoC exploits released for F5 BIG-IP vulnerabilities, Patch Now!

Filed under Security Alerts.

Two days after patches for a critical F5 BIG-IP vulnerability were released, security researchers have started publicly posting proof-of-concept (PoC) exploits that show how easy it is to exploit these devices. F5 customers using BIG-IP devices and solutions include governments, Fortune 500 firms, banks, Internet service providers, and many consumer brands, including Microsoft, Oracle, and Facebook. On Friday, F5…

GoldenSpy backdoor installed by tax software gets remotely removed

Filed under Security Alerts.

As soon as security researchers uncovered the activity of the GoldenSpy backdoor, the actor behind it fell back and delivered an uninstall tool to remove all traces of the malware. GoldenSpy stayed hidden in software called Intelligent Tax, from Aisino Corporation, that a Chinese bank required its company customers to install for paying local taxes. Double…