"Elastic Security Labs has revealed a significant evolution in malware development with the discovery of GOSAR, a Golang-based rewrite of the widely recognized QUASAR Remote Access Trojan (RAT). This newly developed variant surfaced during investigations into campaigns targeting Chinese-speaking regions, where attackers used SADBRIDGE, a custom malware loader, to deploy GOSAR backdoor."
"The evolution of fake update campaigns has advanced significantly with the emergence of CoinLurker, a sophisticated stealer designed to exfiltrate data while evading detection. Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyberattacks. "
"Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous personalities, ultimately leading to financial and data loss."
"A recently discovered vulnerability in the popular curl command line tool and library, tracked as CVE-2024-11053 and assigned a CVSS score of 9.1, could lead to the unintended exposure of user credentials. The vulnerability arises from the interaction between the use of .netrc files for storing credentials and curl’s handling of HTTP redirects."
"Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago."
"Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account."
"Google’s Willow quantum chip marks a transformative moment in quantum computing development."
TLP1 : Green
"A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight."
TLP1 : Green
"The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop."
TLP1 : Green
"A critical severity vulnerability (CVE-2024-53990) has been discovered in the AsyncHttpClient (AHC) library, a popular Java library used for making asynchronous HTTP requests. This vulnerability, with a CVSS score of 9.2, could allow attackers to exploit user sessions and potentially gain unauthorized access to sensitive information."
