Tag

1 Day Exploits

All articles tagged with #1 day exploits

cybersecurity1 year ago•2 min saved

"Rising Threat: Magnet Goblin Exploits 1-Day Vulnerabilities to Install Linux Malware"

Researchers have discovered a previously unseen Linux variant of the NerbianRAT malware, which has been circulating for at least two years and is installed through the exploitation of recently patched vulnerabilities. The malware, attributed to the threat actor Magnet Goblin, is used to steal credentials and has been deployed through 1-day vulnerabilities in various software, including Ivanti Secure Connect, Magento, and Qlink Sense. Checkpoint Research also identified a smaller version of the malware, MiniNerbian, used for backdooring servers running the Magento ecommerce platform. The Linux version of NerbianRAT lacks protective measures and has been observed stealing VPN credentials and connecting to attacker-controlled IPs.

via Ars Technica|

#1-day-exploits #checkpoint-research #credential-stealer

cybersecurity1 year ago•1 min saved

Magnet Goblin Group Exploits 1-Day Vulnerabilities to Deploy Custom Linux Malware

The financially motivated threat actor group Magnet Goblin is rapidly incorporating one-day security vulnerabilities to breach edge devices and public-facing services, deploying the Nerbian RAT and MiniNerbian on compromised hosts. Their attacks have targeted unpatched Ivanti Connect Secure VPN, Magento, Qlik Sense, and possibly Apache ActiveMQ servers, with the group active since at least January 2022. The deployed malware allows for execution of arbitrary commands and exfiltration of results to a command-and-control server, with the group also utilizing tools such as WARPWIRE JavaScript credential stealer, Ligolo tunneling software, and legitimate remote desktop offerings.

via The Hacker News|

#1-day-exploits #cybersecurity #endpoint-security