exploits Archives - AZGAD WEBSITE SECURITY BLOG

Sunday, April 20, 2025

Latest:

APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

2020-12-29 David “moose” Wolpoff

6 Questions Attackers Ask Before Choosing an Asset to Exploit

David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding “hacker logic” can help prioritize defenses.

advanced persistent threat apt Breach cisa alert covid-19. remote access Cyberattacks data exfiltration espionage exploits Government Hacks Malware nation states Phishing remote working spearphishing Think tanks VPN Vulnerabilities Web Security

2020-12-03 Tara Seals

Think-Tanks Under Attack by Foreign APTs, CISA Warns

The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors.

Barracuda Cryptominer cryptomining drupalgeddon 2.0 exploits golang linux Malware Oracle Security Vulnerabilities Vulnerabilities Web Security Windows Worm XMRig

2020-06-25 Tara Seals

Golang Worm Widens Scope to Windows, Adds Payload Capacity

A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability.

abandoned exploits botnet DDoS draytek exploits failures grandstream hoaxcalls IoT Malware Malware analysis Radware symantec web gateway takedown Vulnerabilities Web Security Zyxel

2020-05-29 Tara Seals

Inside the Hoaxcalls Botnet: Both Success and Failure

The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.

commercial exploits FireEye for sale more available NSO Group offensive cyber weapons Security Vulnerabilities Vulnerabilities zero days

2020-04-07 Tara Seals

A Brisk Private Trade in Zero-Days Widens Their Use

More zero-day exploits coming up for sale by NSO Group and others is democratizing the attack vector and placing them within reach of less sophisticated attackers.

APT41 China Chinese Hackers Cisco citrix Cloud Security critical flaw espionage campaign Exploit exploits FireEye government spies Hacks nation state Vulnerabilities zero day Zoho

2020-03-25 Lindsey O'Donnell

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.”

Breach Citrix ADC citrix flaw Citrix Gateway Cloud Security critical vulnerability CVE-2019-19781 Denial of Service exploits in the wild Malware Positive Technologies RCE remote code execution unpatched systems Vulnerabilities

2020-02-07 Tara Seals

Critical Citrix RCE Flaw Still Threatens 1,000s of Corporate LANs

RCE and myriad other types of attacks could take aim at the 19 percent of vulnerable companies that haven’t yet patched CVE-2019-19781.

automox cybersecurity metrics EDR endpoint detection and response exploits Hacks InfoSec Insider mean time to harden Patch management Patching richard melick time to exploitation Vulnerabilities

2019-12-30 Richard Melick

Mean Time to Hardening: The Next-Gen Security Metric

Given that the average time to weaponizing a new bug is seven days, you effectively have 72 hours to harden your systems before you will see new exploits.

botnet echobot exploits IoT Malware Malware analysis Mirai Variant Palo Alto Unit 42 yachtcontrol

2019-12-16 Tara Seals

Echobot IoT Botnet Casts a Wide Net with Raft of Exploit Additions

13 new exploits have been added to the malware’s bag of tricks.

By continuing to use the site, you agree to the use of cookies. more information