CDRThief Malware Targets VoIP Gear in Carrier Networks
The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud.
An overview of targeted attacks and APTs on Linux
Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly true that…
Zeppelin Ransomware Returns with New Trojan on Board
The malware has popped up in a targeted campaign and a new infection routine.
Google Squashes Critical Android Media Framework Bug
The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.
TeamTNT Gains Full Remote Takeover of Cloud Instances
Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.
Severe Industrial Bugs Allow Takeover of Critical Systems
Researchers warn of critical vulnerabilities in a third-party industrial component used by top ICS vendors like Rockwell Automation and Siemens.
Spyware Labeled ‘TikTok Pro’ Exploits Fears of US Ban
Malware can take over common device functions as well as creates a phishing page to steal Facebook credentials.
Microsoft’s Patch Tuesday Packed with Critical RCE Bugs
The most concerning of the disclosed bugs would allow an attacker to take over Microsoft Exchange just by sending an email.
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
The critical Intel vulnerability could allow unauthenticated attackers gain escalated privileges on Intel vPro corporate systems.
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.