The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote code execution before moving laterally through the enterprise.
Source: Threadpost
Blue Mockingbird Monero-Mining Campaign Exploits Web Apps
- Advertisement -
APLICATIONS
North Korea’s Hidden Cobra Strikes U.S. Targets with HOPLIGHT
The custom malware is a spy tool and can also disrupt processes at U.S. assets.
Source: Threadpost
