Articles
Log4Shell Attacks Using Initial Access Broker Targets VMware Horizon Servers
An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploit the Log4Shell vulnerability in unpatched VMware Horizon servers.
MacOS Attack Vector: DazzleSpy Backdoor
Slovak cybersecurity firm ESET attributed the intrusion to an actor with "strong technical capabilities," calling out the campaign's overlaps with a similar digital offensive disclosed by Google Threat Analysis Group (TAG) in November 2021.
Fraudulent Crypto Tokens Being Used By Hackers
Misconfigurations in smart contracts are being exploited by scammers to create malicious cryptocurrency tokens with the goal of stealing funds from unsuspecting users.
Cryptominer (Xmrig) Rootkit Targeting VMware vSphere
The shell script (hash: b46764c046e0db26e6f43f46364ac0acad173541e7134611cb64e091db7b7ced) in this mining campaign starts by setting the SELinux mode to permissive. This disables SELinux temporarily, using the command setenforce 0 2>/dev/null.