Decryptedtech Decryptedtech Decryptedtech Decryptedtech
  • Home
  • Articles
    • News
    • Security Talk
    • Game Thoughts
    • Editorials
    • Shows and Events
    • Leaks and Rumors
    • My Ramblings
    • In Other News
    • Bits, Bytes, and Bourbon
  • Consulting
    • Security Consulting
    • Why Us
    • Services
  • Privacy Policy
  • Archived Items
    • Reviews
      • Enthusiast Gear
        • Motherboards
        • CPUs
        • GPUs
        • Audio
        • Storage and Networking
        • Entusiast Peripherals
      • Pro Gear
        • Motherboards
        • Memory
        • Storage and Networking
      • Consumer Gear
        • Motherboards
        • Audio
        • Storage and Networking
        • Consumer Peripherals
      • Home Theater
      • Mobile Computing
      • Tech Unplugged
      • Gadgets
      • Systems
        • Pro Systems
      • Software and Games
        • Consumer Software
        • Games
      • Peripherals
      • Power and Cooling
  • Bits, Bytes, and Bourbon Store

News

News

Google and Microsoft Share a Zero Day as both Chrome and Edge get Patch Now Guidance.

Google has pushed out a new patch for Chrome to deal with a zero-day vulnerability tracked as CVE-2023-3079. In the patch release Google is clear that this vulnerability is actively being exploited in the wild and that users of both Chrome and Edge should update to the latest version as soon as possible. The report of the flaw was from Google’s own threat research team making this an even more urgent event.

Details
By Sean Kalinich
Sean Kalinich
Jun 08
Hits: 1785
  • Google
  • Hacking
  • Security
  • Microsoft
  • Chrome
  • edge
  • zero day
  • cve20233079

Read more: Google and Microsoft Share a Zero Day as both...

No comments on “Google and Microsoft Share a Zero Day as both Chrome and Edge get Patch Now Guidance.”
News

Barracuda Email Security Gateway Appliances that were Exploited due to Zero-Day Must Be Replaced, not Patched

After the disclosure of a serious Zero-Day that allowed an unauthenticated user to basically own the device. Barracuda is now saying that remediation action for any device that was compromised is a full replacement regardless of the firmware version. It seems that once an attacker gets their malware into the device, it is done. There is not a clean way to remove it and simply patching it does not disable the control that the attacker has on the device. It also seems that at factory resent does not clear it out.

Details
By Sean Kalinich
Sean Kalinich
Jun 08
Hits: 977
  • Hacking
  • Malware
  • ZeroDay
  • barracuda
  • cve20232868
  • esg
  • email security gateway

Read more: Barracuda Email Security Gateway Appliances that...

No comments on “Barracuda Email Security Gateway Appliances that were Exploited due to Zero-Day Must Be Replaced, not Patched”
News

Minecraft Mods stuffed with Malware Used to Target Windows and Linux

As we hear more about Supply Chain attacks and the need for Software Build of Materials we are now hearing of an attack on the popular game, Minecraft. It seems that attackers are leveraging popular Modding platforms to push out information stealing malware (Fractureiser). They are accomplishing this by injecting malicious code into modifications that are then uploaded to different platforms. These are then downloaded and installed by unwary gamers.

Details
By Sean Kalinich
Sean Kalinich
Jun 07
Hits: 1619
  • Gaming
  • Hacking
  • Security
  • Malware
  • Minecraft
  • supply chain attacks
  • information stealer
  • fractureiser

Read more: Minecraft Mods stuffed with Malware Used to...

No comments on “Minecraft Mods stuffed with Malware Used to Target Windows and Linux”
News

Sextortionists Get a Boost from AI and Publicly Available Images

As if the internet needed something else bad floating around it seems that groups that engage in extortion schemes involving the threat of releasing images of a sexual nature are now getting help from AI image creation tools. Sextortion emails are nothing new, in many cases the blackmail is little more than an effort to get a target to click on a malicious file (disguised as an image or video file) in order to get ransomware on a system if the original blackmail is not good enough.

Details
By Sean Kalinich
Sean Kalinich
Jun 07
Hits: 869
  • Security
  • Blackmail
  • sextortion
  • ai images
  • deepfake
  • extorion

Read more: Sextortionists Get a Boost from AI and Publicly...

No comments on “Sextortionists Get a Boost from AI and Publicly Available Images”
News

New PowerShell Malware Dubbed PowerDrop used to Target US Aerospace Industry

It is Wednesday, so it is about time to talk about a new strain of malware. In this case one that leverages Microsoft’s PowerShell to do its dirty work. Primarily a post-exploitation tool, PowerDrop is leveraged after access is obtained by other means. According to researchers at Adlumin, the tool also seems to focus on information gathering/theft. The attack also used WMI (Windows Management instrumentation) to execute the PowerShell commands which could be a move to living off the land.

Details
By Sean Kalinich
Sean Kalinich
Jun 07
Hits: 1010
  • Security
  • Malware
  • powershell
  • threat groups
  • powerdrop

Read more: New PowerShell Malware Dubbed PowerDrop used to...

No comments on “New PowerShell Malware Dubbed PowerDrop used to Target US Aerospace Industry”

More Articles …

  1. More Ransomware as a Service Fun as Cyclops Gang Now Offers Value Add Information Stealer
  2. Attackers Drop Card Stealing Scripts into Legitimate eCommerce Sites
  3. MOVEit Transfer Zero Day gets added to the KEV and a Cool New Web Shell
  4. Google’s Verification Feature in Gmail already Abused by Scammers and Phishers
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11

Page 7 of 570

Follow Us

Follow DecryptedTech on Social Media

facebook twitter linkedin
Decryptedtech