LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [1][2] on the Microsoft Security blog. LemonDuck Trojan.LemonDuck has always been an advanced cryptominer that…

An example of hacked malware was discovered when researchers detected a user downloading a cracked copy of the credential stuffing tool Sentry MBA from a Turkish-language cracking forum. Sentry MBA includes features to bypass website security controls, such as CAPTCHA challenges and web application firewalls. “Threat actors,” say researchers in the HP Wolf Security Threat…

Tracked as CVE-2021-28476 with a CVSS score of 9.9, the security vulnerability impacts Hyper-V’s virtual network switch driver (vmswitch.sys) and could be exploited to achieve remote code execution or cause a denial of service condition. Hyper-V is a native hypervisor that provides virtualization capabilities for both desktop and cloud systems, and which Microsoft uses as…

In a joint advisory published Wednesday, cybersecurity response agencies from the U.S., the U.K., and Australia called special attention to flaws in network perimeter tech from Citrix, Fortinet, Pulse, F5 Networks and MobileIron. The agencies listed 30 distinct security vulnerabilities (categorized by CVEs) that have been “routinely exploited” over the last two years to plant…

Three of the vulnerabilities addressed by Foxit were identified by Cisco Talos researchers, all three leading to arbitrary code execution. Tracked as CVE-2021-21831, CVE-2021-21870, and CVE-2021-21893, the bugs carry CVSS severity score of 8.8. Due to the manner in which certain JavaScript code or annotation objects are handled, a maliciously crafted PDF file may lead…

Vulnerabilities in CODESYS software could have serious implications considering that it’s used in the industrial control systems (ICS) made by several major companies. Last month, a cybersecurity firm warned that programmable logic controllers (PLCs) made by over a dozen manufacturers were exposed to attacks due to critical security bugs discovered in CODESYS software. CODESYS on…

Built on a client-server model architecture and in use for roughly five decades, FTP allows for the easy transfer of files and folders between computers. However, because data is transmitted unencrypted, the protocol has long been considered insecure. Secure variants do exist, including one that leverages SSL/TLS (FTPS), or the SSH File Transfer Protocol (SFTP)….