Security News

Researchers Warn of Nerbian RAT Targeting Entities in Italy, Spain, and the U.K.
2022-05-13 22:17

A previously undocumented remote access trojan written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low-volume, email-borne phishing campaign that started on April 26, 2022. "The newly identified Nerbian RAT leverages multiple anti-analysis components spread across several stages, including multiple open-source libraries," Proofpoint researchers said in a report shared with The Hacker News.

Researchers find 134 flaws in the way Word, PDFs, handle scripts
2022-05-13 07:54

Security researchers have devised a tool that detects flaws in the way apps like Microsoft Word and Adobe Acrobat process JavaScript, and it's proven so effective they've found 134 bugs - 59 of them considered worthy of a fix by vendors, 33 assigned a CVE number, and 17 producing bug bounty payments totaling $22,000. Making that happen requires the PDF both to define native PDF objects and to parse JavaScript code.

Researchers uncover URL spoofing flaws on Zoom, Box, Google Docs
2022-05-11 13:05

Researchers have discovered several URL spoofing bugs in Box, Zoom and Google Docs that would allow phishers to generate links to malicious content and make it look like it's hosted by an organization's SaaS account. The vulnerabilities arise from a lack of validation of so-called vanity URLs, and they allow attackers with their own SaaS accounts to change the URL of the pages hosting malicious files, forms and landing pages, so as to maximize their potential to trick users.

Low-rent RAT Worries Researchers
2022-05-10 00:24

Dubbed Dark Crystal RAT, the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate pricing. "DCRat is one of the cheapest commercial RATs we've ever come across. The price for this backdoor starts at for a two-month subscription, and occasionally dips even lower during special promotions," according to BlackBerry researchers who published their findings on Monday.

Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability
2022-05-09 22:05

Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning that they were able to create an exploit for the shortcoming. The critical security vulnerability impacts the following versions of BIG-IP products -.

Researchers Warn of 'Raspberry Robin' Malware Spreading via External Drives
2022-05-06 20:09

Cybersecurity researchers have discovered a new Windows malware that has worm-like capabilities and is propagated by means of removable USB devices. Attributing the malware to a cluster named "Raspberry Robin," Red Canary researchers noted that the worm "leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL."

Researchers Disclose Years-Old Vulnerabilities in Avast and AVG Antivirus
2022-05-06 20:08

Two high-severity security vulnerabilities, which went undetected for several years, have been discovered in a legitimate driver that's part of Avast and AVG antivirus solutions. "These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," SentinelOne researcher Kasif Dekel said in a report shared with The Hacker News.

Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal
2022-04-26 01:30

Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution. The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report exclusively shared with The Hacker News.

Researcher Releases PoC for Recent Java Cryptographic Vulnerability
2022-04-22 22:41

Proof-of-concept code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449, impacts the following version of Java SE and Oracle GraalVM Enterprise Edition -.

Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System
2022-04-20 06:38

Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service condition and render it powerless against malicious traffic. Tracked as CVE-2022-20685, the vulnerability is rated 7.5 for severity and resides in the Modbus preprocessor of the Snort detection engine.