OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities like
- Published in News
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking
The crypto-jacking group known as Kinsing has demonstrated an ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities into the exploit arsenal and expanding its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining campaigns since 2019.
- Published in News
Raspberry Robin Malware Upgrades with Discord Spread and New Exploits
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that “Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period,” Check Point
- Published in News
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
According to a new joint cybersecurity advisory from Australia and the U.S., the threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations
- Published in News