The Breach News

New PG_MEM Malware Targets PostgreSQL Databases for Cryptocurrency Mining

Cybersecurity experts have recently uncovered a new strain of malware known as PG_MEM, specifically designed to mine cryptocurrency by exploiting vulnerabilities in PostgreSQL database instances. This malicious software employs brute-force tactics, wherein attackers repeatedly attempt to guess the database credentials, typically targeting systems with weak passwords. According to Assaf Morag,…


19-year-old from Amersfoort arrested for phishing for the fourth time – DataBreaches.net

In a concerning development for cybersecurity in the Netherlands, a 19-year-old resident of Amersfoort has been apprehended for his involvement in phishing activities for the fourth time. This continued behavior indicates a troubling pattern, underscoring the challenges many organizations face in the realm of cybersecurity. The young individual’s repeated offenses…


Urgent: GitLab Addresses Critical Vulnerability Enabling Unauthorized Execution of Pipeline Jobs

GitLab Issues Urgent Security Update Following Discovery of Critical Vulnerability

On Wednesday, GitLab announced the release of crucial security updates aimed at addressing 17 vulnerabilities, among which is a critical flaw that permits an attacker to execute pipeline jobs as an arbitrary user. This vulnerability, designated CVE-2024-6678, carries a CVSS…


PEAKLIGHT Downloader Used in Attacks Targeting Windows through Malicious Movie Downloads

New Cyber Threat Uncovered: Sophisticated Malware Dropper Targeting Windows Systems

Cybersecurity experts have recently identified a previously unknown dropper that acts as a gateway for deploying advanced malware with the ultimate aim of compromising Windows systems. This discovery marks a significant development in the ongoing fight against cyber threats, particularly…


Chinese DragonRank Hackers Target Global Windows Servers for SEO Fraud Exploits

DragonRank Hacking Group Compromises Global Windows Servers: A Threat to Cybersecurity

A cybercriminal organization known as DragonRank has recently been identified as having breached over 30 Windows servers around the world, including in Thailand, India, Korea, Belgium, the Netherlands, and China. This Chinese-speaking hacking group is primarily focused on exploiting…


Ransomware Attacks Are Increasing Costs to Millions for Schools and Educational Institutions

As the new academic year begins, educational institutions are grappling with an alarming surge in ransomware attacks that threaten their operational integrity. A recent report from Sophos highlights the intensifying strain on IT infrastructure across universities, colleges, and schools of all sizes. The report emphasizes that institutions are facing escalating…


Ransomware Masquerading as a Game: The Kransom Attack via DLL Side-Loading

The Kransom ransomware has been found embedded within the StarRail gaming application, employing DLL side-loading tactics alongside a legitimate certificate from COGNOSPHERE PTE. LTD. This malware successfully evades detection while delivering its encrypted payload. Analysts can study this threat within the interactive sandbox provided by ANY.RUN. Investigators at ANY.RUN have…


Future-Proofing Against Evolving Attacks: Safeguarding Your Users’ Identities

The FBI and CISA Release Advisory Addressing New Ransomware Threats

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory aimed at mitigating the rising threat of ransomware attacks, as part of their ongoing #StopRansomware initiative. Released on August 29, 2023, the advisory, identified as…


New Malware Campaign Targets Oracle WebLogic to Mine Cryptocurrency on Linux Systems

New Malware Campaign Targets Linux Servers for Cryptocurrency Mining

Recent discoveries by cybersecurity researchers have unveiled a new malware operation specifically designed to target Linux environments for illicit cryptocurrency mining and the deployment of botnet malware. This campaign notably focuses on the Oracle WebLogic server, aiming to distribute a malware…
