Cybersecurity News - Page 9

In brief: Cisco warns of two actively exploited flaws in Catalyst SD-WAN Manager, researchers details a new iOS exploit kit called ‘Coruna,’ and more.

Authorities seized and took offline 330 domains used by Tycoon2FA.

In addition to Cobalt Strike, Silver Dragon deploys a suite of custom post-exploitation tools, including SilverScreen, SSHcmd, and the GearDoor backdoor.

The toolkit contains 23 exploits grouped into five exploit chains and can target iPhones running iOS 13.0 through iOS 17.2.1.

The email abuses the widely used Ukrainian email provider ukr[.]net to make it more believable.

The deal was allegedly arranged through people connected to Stephen Su Bin, a Chinese national previously convicted of hacking US defense companies.

The messages urge recipients to urgently update mobile applications used in widely deployed civilian and military systems.

The attackers deployed the BurrowShell backdoor, capable of taking screenshots, system manipulation, remote shell execution, and operating as SOCKS proxy.

The campaign distributes one of the most fully featured browser-based surveillance toolkits observed in the wild.

The malicious npm packages masquerade as legitimate developer utilities but contain hidden functionality designed to retrieve C&C infrastructure.