Search results

First observed in November 2018, Cr1ptT0r is a ransomware tool available on a number of dark web hacking forums.

OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information.

A security researcher has released details of a vulnerability in the snapd daemon used to manage Canonical 'Snap' packages.

Qealler is a Java-based information stealer that uses the ProGuard obfuscator to evade detection and deploys a Python-based tool to steal credentials.

VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Murkios is a newly observed information stealing trojan and botnet available for sale on a number of dark web forums.

Details of a privilege escalation vulnerability in the runc open-source container runtime have been disclosed by its maintainers. They claim a local threat actor could exploit this vulnerability to obtain administrative privileges within an affected container.

Intel has released details of multiple vulnerabilities in their Data Center Manager Software Development Kit (SDK) product.

BabyShark is a new remote access trojan first seen in November 2018 targeting government organisations. It shares infrastructure associated with previous KimJongRAT and STOLEN PENCIL campaigns.