Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day. […] Read More
BleepingComputer
Related Posts
Navigating Insider Risks: Are your Employees Enabling External Threats?
Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks, Read More
How to Automate the Hardest Parts of Employee Offboarding
How to Automate the Hardest Parts of Employee Offboarding
According to recent research on employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn’t deprovisioned, a surprise bill for resources that aren’t in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five hours Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea.
“Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks,” the AhnLab Security Intelligence Center (ASEC) said in a report Read More