Vulnerability summary for the week: September 18, 2020
A weekly vulnerability digest.
Cybersecurity News - Page 350
Three Iranians charged for attacks on US aerospace and satellite companies
For at least four years the defendants were orchestrating hacking campaigns against numerous companies and organizations in the United States and abroad.
A patient dies during a ransomware attack against a German hospital
The German authorities said the attack was aimed at the Heinrich Heine University, to which the Duesseldorf hospital is affiliated, and not at the UKD itself.
Source code of Cerberus banking trojan offered for free on underground forums
In July, the developers of Cerberus have put up the entire project on auction due to the crew breaking up and having no time to support the operation 24/7.
Thousands of MSSQL databases have been infected with a new MrbMiner malware
A threat actor is hacking into MSSQL servers by using weak passwords.
Largest-ever skimming attack hits hundreds of Magento e-commerce sites
The researchers believe that hackers could have made use of a recent Magento 1 0day exploit that was put up for sale on an underground forum.
Malsmoke malvertising campaign targets porn sites visitors, redirects users to exploit kits
The Malsmoke gang has managed to abuse “practically all adult ad networks”, but this is the first time when the threat actor has hit a top publisher.
New CDRThief malware steals metadata from Linux VoIP softswitches
The malware specifically targets the Linknat VOS2009 / VOS3000 softswitches.
BLURtooth bug puts Bluetooth devices at risk of MitM attacks
The BLURtooth vulnerability impacts all devices using the Bluetooth standard 4.0 through 5.0.
Hackers use trusted cloud monitoring tool to hijack Docker, Kubernetes instances
This is a first known case where attackers use legit third-party software as a backdoor that gives them full access to targeted cloud environments.
Showing elements 3491 - 3500