Palo Alto Networks Unit 42 researchers released a new report “Network Security Trends” that highlights how attackers are exploiting remote code execution (RCE), cross-site scripting (XSS), traversal and information disclosure vulnerabilities in multiple vendor products.
Researchers have discovered a new eCh0raix ransomware variant that targets QNAP and Synology network-attached storage (NAS) devices.
A new Pro-Ocean cryptojacking malware targets popular cloud applications including ApacheMQ, Oracle Weblogic and Redis. The malware contains four modules that execute to hide, mine cryptocurrency, watchdog and infect systems.
SolarWinds has released an updated security advisory on SUPERNOVA malware, a separate threat vector from the previously reported supply chain cyberattack that was based on SUNBURST backdoor malware. The update now includes new information on 0-day CVE-2020-10148 and PoC demo.
An anonymous hacker posted exploit code for a remote code execution vulnerability in version 5 of the popular vBulletin forum software, used on over 100,000 social websites.
Attackers behind BabyShark malware and cyber campaigns is now targeting the cryptocurrency industry.
