Silentbob Campaign: Cloud-Native Environments Under Attack
Cybersecurity researchers have unearthed an attack infrastructure that’s being used as part of a "potentially massive campaign" against cloud-native environments.
"This infrastructure is in early stages of testing and deployment, and mainly consists of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials …
The Hacker News | #1 Trusted Cybersecurity News Site
Darkgate Autoit Converter Bypasses Windows Defender & Most Antiviruses
A new tool known as the Darkgate Autoit Converter Crypter has emerged on the dark web. This sophisticated malware is designed to bypass Windows Defender and most other antivirus programs, posing a significant threat to computer systems worldwide.
A New Threat Emerges
A threat actor announced the Darkgate Autoit Converter Crypter on a dark web forum, as MonThreat reported on Twitter.
This crypter supports native (32-bit) and .NET payloads, making it versatile and highly effective. One of its most concerning features is its ability to change the code on each build, which makes it extremely difficult for traditional antivirus programs to detect and neutralize.
Its advanced evasion techniques set the Darkgate Autoit Converter Crypter apart from other malware.
It includes a feature specifically designed to avoid running in a payload analysis environment, a standard method used by cybersecurity professionals to study and mitigate threats.
This capability ensures the crypter can operate undetected, allowing malicious actors to execute their payloads without interference.
High Price, High Stakes
The Darkgate Autoit Converter Crypter’s pricing reflects its advanced capabilities. A one-month subscription costs $2,000, while a six-month subscription costs $6,000.
These high prices indicate the level of sophistication and the potential damage this tool can cause. Cybersecurity experts urge organizations to bolster their defenses and remain vigilant against this new threat.
In conclusion, the emergence of the Darkgate Autoit Converter Crypter is a stark reminder of the ever-evolving landscape of cyber threats.
As malware becomes more sophisticated, individuals and organizations must stay informed and proactively protect their digital assets.
Atlassian Vulnerabilities Let Attackers Conduct DoS & RCE Attacks
This week, Atlassian released fixes for four high-severity flaws that had the potential to cause a DoS and remote code execution and affected several of its products.
The issues in its primary products, Jira, Confluence, Bitbucket, and Bamboo, have been fixed. Atlassian found these vulnerabilities using its Bug Bounty program, pen-testing processes, and third-party library scans.
This patch management bug in Jira could allow an attacker to expose assets for further exploitation. It may lead to DoS attacks.
Affected Versions
Introduced in Jira version 4.20.0
Fix Released
Upgrade to a minimum fix version of 4.20.25, 5.4.9, 5.9.2, 5.10.1, 5.11.0 or latest
CVE-2023-22512 (CVSS score: 7.5) – DoS (Denial of Service) Flaw
A DoS flaw in Confluence Data Center and Server. According to Atlassian, an unauthenticated attacker might exploit this vulnerability to block access to resources by temporarily or indefinitely disrupting the services of a vulnerable host connected to a network.
Affected Versions
Versions from 5.6 onward, affecting releases up to 8.6.0.
Fix Released
Upgrade to a minimum fix version of 7.19.13, 7.19.14, 8.5.1, 8.6.0 or latest
An RCE flaw in the Bitbucket Data Center and Server.
“This RCE (Remote Code Execution) vulnerability, allows an authenticated attacker to execute arbitrary code which has a high impact on confidentiality, high impact on integrity, high impact on availability, and requires no user interaction”, Atlassian said.
Affected Versions
Versions from 8.0.0 onward, affecting most releases until version 8.14.0.
Fix Released
Upgrade to a minimum fix version of 8.9.5, 8.10.5, 8.11.4, 8.12.2, 8.13.1, 8.14.0 or latest
A DoS flaw in the Apache Tomcat server impacted the Bamboo Data Center and Server. It is described as a third-party dependency problem that can be exploited by an attacker to “expose assets in your environment susceptible to exploitation.”
Affected Versions
Version 8.1.12; the bug was addressed in Bamboo versions 9.2.4 and 9.3.1.
Fix Released
Upgrade to a minimum fix version of 9.2.4, 9.3.1, or the latest.
Atlassian recommends upgrading to the latest fixed versions released.
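As an added example (not Atlassian's code and not part of the original article), the fix-version lists above for Bitbucket and Confluence can be turned into a check on an installed version. It assumes the first version named under "Affected Versions" is where the flaw was introduced, and that a release at or above the listed fix in its own major.minor line, or above the highest listed fix, is patched.

```python
# Added example: version data copied from the advisory text on this page.
ADVISORY = {
    "bitbucket": {"introduced": "8.0.0",
                  "fixed": ["8.9.5", "8.10.5", "8.11.4", "8.12.2", "8.13.1", "8.14.0"]},
    "confluence": {"introduced": "5.6",
                   "fixed": ["7.19.13", "7.19.14", "8.5.1", "8.6.0"]},
}


def parse(version):
    """'8.10.5' -> (8, 10, 5); missing parts are padded with zeros."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def fmt(parts):
    """(8, 10, 5) -> '8.10.5'."""
    return ".".join(str(p) for p in parts)


def assess(product, installed):
    """Return (status, upgrade_target) for one installed version."""
    entry = ADVISORY[product]
    current = parse(installed)
    fixes = sorted(parse(v) for v in entry["fixed"])
    if current < parse(entry["introduced"]):
        return ("not_affected", None)
    # Assumption: the lowest listed fix in the same major.minor line is the
    # first patched release of that line.
    same_line = [f for f in fixes if f[:2] == current[:2]]
    if same_line:
        if current >= same_line[0]:
            return ("fixed", None)
        return ("vulnerable", fmt(same_line[0]))
    # Assumption: anything newer than the highest listed fix already has it.
    if current > fixes[-1]:
        return ("fixed", None)
    # No fix was listed for this release line: move up to the next listed fix.
    newer = [f for f in fixes if f > current]
    return ("vulnerable", fmt(newer[0]))


if __name__ == "__main__":
    # Constructed inventory, for illustration only.
    for product, version in [("bitbucket", "8.10.2"), ("bitbucket", "8.5.0"),
                             ("confluence", "7.19.13"), ("confluence", "8.7.0")]:
        print(product, version, assess(product, version))
```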