Julien Maury Avatar
  • npm api timing attack

    Vulnerable API Exposes Private npm Packages

    Aqua Nautilus security researchers have revealed that threat actors could perform a timing attack on npm’s API to uncover private packages. The timing attack on the JavaScript package manager can work even if npm returns a 404 error to unauthorized or unauthenticated users who try to request the following endpoint (generic pattern): https://registry.npmjs.org/@<scope_name>/<secret_package_name> A malicious […]

  • byovd edr bypass

    Ransomware Group Uses Vulnerability to Bypass EDR Products

    The BlackByte ransomware group is actively exploiting a vulnerability in RTCore32.sys and RTCore64.sys, the drivers of a widely used graphic card utility called Micro-Star MSI AfterBurner (version Recorded as CVE-2019-16098, the flaw allows any authenticated user to read and write to arbitrary memory, I/O ports and model-specific registers (MSRs). Cybercriminals can abuse it to […]

  • Fake recruiter phishing profile

    ZINC Hackers Leverage Open-source Software to Lure IT Pros

    ZINC, a sub-group of the notorious North Korean Lazarus hacking group, has implanted malicious payloads in open-source software to infiltrate corporate networks, Microsoft’s threat hunting team has reported. PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer have been backdoored to perform a wide range of social engineering campaigns that started in […]

  • secure dev practices

    Software Supply Chain Security Guidance for Developers

    Whether it’s package hijacking, dependency confusing, typosquatting, continuous integration and continuous delivery (CI/CD) compromises, or basic web exploitation of outdated dependencies, there are many software supply chain attacks adversaries can perform to take down their victims, hold them to ransom, and exfiltrate critical data. It’s often more efficient to attack a weak link in the […]

  • Python tarfile vulnerability

    Unpatched Python Library Affects More Than 300,000 Open Source Projects

    Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. The researchers believe it could be used against organizations at scale, which could lead to attacks as serious as the one that hit SolarWinds two years ago. Perhaps more troubling is that the […]

  • Threat Group TeamTNT Returns with New Cloud Attacks

    A retired threat actor has returned with new attacks aimed at the cloud, containers – and encryption keys. The Aqua Nautilus research team observed three attacks that appeared very similar to those performed by TeamTNT, a threat actor specializing in cloud platforms and online instances such as Kubernetes clusters, Redis servers, and Docker APIs. These […]

  • Linux Shikitega vulnerability

    New Linux Malware Shikitega Can Take Full Control of Devices

    AT&T Alien Labs has discovered a new Linux malware that can be used for highly evasive attacks, as the infection has been designed for persistence and runs on practically all kinds of Linux devices. The identity and goals of the authors are as yet unknown, but the technical details have been disclosed. The malware seems […]

  • Microsoft Teams spoofing

    New GIFShell Attack Targets Microsoft Teams

    A cybersecurity consultant has discovered a new attack chain that leverages GIF images in Microsoft Teams to execute arbitrary commands on the target’s machine. The exploit uncovered by Bobby Rauch is dubbed “GIFShell,” and the main component is a GIF image that contains a hidden Python script. This crafted image is sent to a Microsoft […]

  • CVSS Vulnerability Scores Can Be Misleading: Security Researchers

    Vulnerability management systems based on the Common Vulnerability Scoring System (CVSS) v2 scoring system may be misguided, as a new report found that roughly half of the most critical vulnerabilities may be scored incorrectly. “Looking at the past 10 years, in the same midyear period, we see that on average, 51.5 percent of all known […]

  • code security

    GitLab Patches Critical RCE in Community and Enterprise Editions

    The widely-used DevOps platform GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE).  The vulnerability was reported for a number of versions of GitLab CE/EE: all versions starting from 11.3.4 before 15.1.5 all versions starting from 15.2 before 15.2.3 all versions starting from 15.3 before 15.3.1 Affected versions allow […]

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis