QNAP Cryptomined

QNAP warns customers of threat actors targeting their NAS devices with cryptocurrency miners. Upon compromising the devices, the miner will create a new process named [oom_reaper] that allows threat actors…
Grafana Vulnerability

Grafana Vulnerability

Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. Grafana 8.3.1, 8.2.7, 8.1.8, and…
Rubrik Cloud Vault for Azure

Rubrik Cloud Vault for Azure

Data security provider Rubrik announced Rubrik Cloud Vault, a fully managed, secure, and isolated cloud archival service built on Microsoft Azure that helps customers secure their data and defend against…
Mozilla 95 ! Rolls Out RLBox SandBoxing

Mozilla 95 ! Rolls Out RLBox SandBoxing

Mozilla is beginning to roll out Firefox 95 with a new sandboxing technology called RLBox that prevents untrusted code and other security vulnerabilities from causing accidental defects as well as…
NodeBB Vulnerability Could Lead RCE

NodeBB Vulnerability Could Lead RCE

Researchers have recently discovered critical flaws in the open source forum platform NodeBB might allow attackers to steal sensitive information and get access to admin accounts. On GitHub, NodeBB is…

Google Patches Vulnerabilities in Chrome

Google rolled out new security update for Chrome, to address 20 vulnerabilities in the browser, including 16 reported by external researchers. 15 are rated high severity. Nearly half of them…
CEELoader added to Nobelium Arsenal
Posted inSecurity

CEELoader added to Nobelium Arsenal

Researchers have identified two distinct clusters of activity, tracked UNC3004 and UNC2652, that were associated with the Russia-linked Nobelium APT group (aka UNC2452). The NOBELIUM APT is the threat actor…