Evilnum APT Returns with Better TTPs
CVE

Evilnum APT Returns with Better TTPs | New Threat

Evilnum is an advanced APT group that has been operating since 2018. Its tools and methods, however, were only discovered two years after it first began using them. Experts at Zscaler kept an eye on the threat actor’s activities and observed that the gang had expanded its arsenal. The group started targeting an international organization involved […]

BRATA Malware Evolving into Persistent Threat
CVE

The threat actor that developed the BRATA banking trojan has enhanced the malware with data-stealing capabilities. Cleafy, an Italian mobile security researcher, has been tracking BRATA activity and has discovered improvements in more recent campaigns that extended persistence on the device. Technical Details: Instead of acquiring a list of installed apps and the required injections […]

CVE-2022-1988 – Cross-site Scripting (XSS) – Generic in GitHub repository neorazorx/facturascripts prior to 2022.09
CVE

CVE-2022-1988 – Cross-site Scripting (XSS) – Generic in GitHub repository neorazorx/facturascripts prior to 2022.09. Source: /facturascripts/EditCuenta accepts tainted data through the description parameter without sanitization. Proof: This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise […]

Microsoft warns of brute-force attacks targeting MSSQL servers
CVE

Microsoft warns of brute force attacks targeting MSSQL servers

Microsoft warns of brute-force attacks targeting Internet-exposed and poorly secured Microsoft SQL Server (MSSQL) database servers that use weak passwords. The attackers are using the legitimate sqlps[.]exe tool as a Living-Off-the-Land Binary (LOLBin). They are executing recon commands and changing the SQL service’s start mode to LocalSystem using the sqlps[.]exe utility (a PowerShell wrapper for running SQL-built […]

Log4j - Critical vulnerability in Apache library
CVE

Log4j: Critical vulnerability in Apache library

Log4j is a popular logging library for Java applications. It is used for the high-performance aggregation of log data from an application. The vulnerability CVE-2021-44228 [MIT2021] in Log4j versions 2.0 to 2.14.1 enables attackers to execute their own program code on the target system and thus compromise the server. This danger arises if […]
