Remove 2023 Remove Ransomware Remove Security Defenses
article thumbnail

RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR

Security Affairs

Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool to disable endpoint detection and response (EDR) systems, Malwarebytes ThreatDown Managed Detection and Response (MDR) team observed.

article thumbnail

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

Major cybersecurity events in the last week make clear that hackers just keep getting savvier — and security teams need to be vigilant to keep up. Ransomware groups continue to exploit unpatched vulnerabilities. Now ransomware attackers, possibly affiliated with FIN8, are exploiting unpatched Citrix products to launch attacks.

VPN 102
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. score of 9.8 out of 10.0, are format string vulnerabilities. 31 and updated Sept.

VPN 114
article thumbnail

Weekly Vulnerability Recap – Sept. 25, 2023 – Flaws in Apple Devices, DevOps Tools and More

eSecurity Planet

The Akira ransomware group made news too, expanding its attacks to include Linux-based systems, and Trend Micro issued a fix for a zero-day vulnerability in its Apex One endpoint security tools. An attacker can use policies for scheduled security scans to run a pipeline in GitLab, posing as another user. severity rating.

article thumbnail

Microsoft’s December 2023 Patch Tuesday Includes Four Critical Flaws

eSecurity Planet

Microsoft announced only one zero-day flaw this month: CVE-2023-20588 , which is found in AMD processors. Four Critical Vulnerabilities Announced The first of the four critical flaws announced, CVE-2023-35628 , is a remote code execution vulnerability in the Windows MSHTML platform with a CVSS score of 8.1.

Antivirus 106
article thumbnail

Weekly Vulnerability Recap – October 2, 2023 –  WS_FTP, Exim, Cisco and Other Exploited Vulnerabilities

eSecurity Planet

September 29, 2023 Patch WS_FTP Now: 10 / 10 RCE Vulnerability Revealed Type of attack: Attackers can exploit unpatched vulnerabilities to perform remote code execution (RCE), directory traversal, cross-site scripting (XSS), SQL injection , cross-site request forgery (CSRF), and file enumeration attacks. RCE vulnerability CVE-2023-42117 = 8.1

DDOS 105
article thumbnail

Why BYOD Is the Favored Ransomware Backdoor

eSecurity Planet

These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Ransomware remains just one of many different threats and as security teams eliminate key vectors of attack, adversaries will shift tactics. How does remote encryption work?