A new cyber threat has emerged against Russian industries with the ExCobalt cybercrime gang using a newly identified Golang-based backdoor, GoRed, to infiltrate critical sectors. Positive Technologies researchers Vladislav Lunin and Alexander Badayev revealed these findings in a recent report, highlighting ExCobalt’s increasing sophistication and persistence. Origins and Evolution of ExCobalt: “ExCobalt, believed to include…
Tag: Hack Attacks
24 Vulnerabilities Found in Chinese Biometric Access Systems
In a recent security assessment conducted by Kaspersky experts, significant vulnerabilities were identified in the biometric readers produced by ZKTeco. These devices, widely used in high-security sectors such as nuclear plants, hospitals, and offices, support advanced authentication methods including facial recognition and QR-code scanning. According to Kaspersky, these vulnerabilities pose a serious risk, potentially allowing…
‘Noodle RAT’ A New Cross-Platform Malware Targets Windows and Linux Systems
Security researchers recently uncovered a new cross-platform malware named Noodle RAT. Noodle RAT: A New Malware Family. Trend Micro’s security expert Hara Hiroaki has identified Noodle RAT as a significant departure from known malware variants like Gh0st RAT and Rekoobe. Hiroaki explains, “this backdoor represents a new category of malware, rather than just a variant…
Black Basta May Have Taken Advantage of Windows Zero-Day Vulnerability
Recent investigations by Symantec suggest that threat actors associated with the Black Basta ransomware may have capitalized on a newly disclosed zero-day vulnerability in the Microsoft Windows Error Reporting Service. The flaw, identified as CVE-2024-26169 with a CVSS score of 7.8, facilitated privilege escalation, potentially granting attackers system privileges. Although the vulnerability was patched by…
New York Times Source Code Leaked
In a significant cybersecurity incident, a 4chan user has leaked approximately 270GB of internal data from The New York Times, which purportedly includes vast amounts of source code and other web assets. The anonymous user claimed that the leaked data encompasses nearly 5,000 repositories and around 3.6 million files, including blueprints for projects like Wordle,…
North Korean Hackers Unleash Golang Malware ‘Durian’ Targeting Crypto Companies
Kimsuky, a North Korean threat actor, has perpetrated a series of highly targeted cyber assaults against two South Korean cryptocurrency companies, utilizing a newly discovered Golang-based malware named Durian. According to Kaspersky’s APT trends report for Q1 2024, Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and the exfiltration…
CISA Launches Vulnrichment Project to Enhance CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled the “Vulnrichment” initiative, designed to enhance Common Vulnerabilities and Exposures (CVE) records with additional metadata, aiding organizations in prioritizing vulnerability remediation. Hosted on a public GitHub repository, the Vulnrichment project aims to augment CVE records with vital data points, including: CISA utilizes its Stakeholder-Specific Vulnerability…
MITRE Breach Timeline: China-Linked Group’s Intrusion Unveiled
On April 19, MITRE, a nonprofit organization managing R&D centers for US government sponsors, disclosed the breach of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network utilized for research, development, and prototyping purposes. Insights into the Attack: The cyber espionage group associated with China, identified by Mandiant as UNC5221, exploited zero-day…
Google Dorking: A Simple Method for Gathering Information
Google Dorking, also known as Google hacking, is a method for refining search queries to uncover sensitive information or vulnerabilities. By utilizing specific search operators such as site:, filetype:, and intitle:, users can pinpoint data not typically accessible through standard searches. This technique is commonly employed by researchers, security professionals, and hackers alike to find…
Red Teaming Methodology: Strategies & Approaches
Red teaming is a structured and systematic approach to testing systems, policies, and procedures by simulating real-world attacks or challenges from an adversary’s perspective. This article describes the strategic approach to effectively testing systems, focusing on the methodology behind red team simulations. Planning: The initial phase of red teaming entails meticulous planning to delineate objectives,…