Windows DNS SIGRed bug gets first public RCE PoC exploit

A working proof-of-concept (PoC) exploit is now publicly available for the critical SIGRed Windows DNS Server remote code execution (RCE) vulnerability. Microsoft issued security updates to address the security flaw tracked as CVE-2020-1350 on July 14, 2020, together with a registry-based workaround that helps protect affected Windows servers from attacks. SIGRed has existed in Microsoft's …

LazyScripter hackers target airlines with remote access trojans

Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). The actor received the name LazyScripter and has been active since 2018, using phishing to target individuals seeking immigration to Canada for a job, airlines, and the …

Pro-India hackers use Android spyware to spy on Pakistani military

This week a report has revealed details on two Android spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a pro-India state-sponsored operation known to spy on Pakistani and South …

Hackers abuse Plex Media servers for DDoS amplification attacks

Netscout experts warn of DDoS-for-hire services abusing Plex Media servers to bounce junk traffic and amplify DDoS attacks. Security researchers from Netscout discovered DDoS-for-hire services have found a way to abuse Plex Media servers to bounce junk traffic and amplify distributed denial of service (DDoS) attacks. Plex Media Server is a personal media library and …

New phishing attack uses Morse code to hide malicious URLs

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. Samuel Morse and Alfred Vail invented Morse code as a way of transmitting messages across telegraph wire. When using Morse code, each letter and number is encoded as a series of dots (short …