Malware Disguised as Minecraft Mods Target Gamers

Research by: Jaromír Hořejší (@JaromirHorejsi), Antonis Terefos (@Tera0017) Key Points Check Point Research discovered a multistage campaign targeting Minecraft users via the distribution as a service (DaaS) Stargazers Ghost Network, which operates on GitHub. The malware impersonates, among others, Oringo and Taunahi, which are “Scripts & Macro” tools (a.k.a cheats). The first-stage downloader and the second-stage…

Read More

Public database exposed 184 million credentials including Microsoft, Facebook, Snapchat, and government account logins

The Sitecore CMS had an account with a hardcoded password Threat actors could use it to upload arbitrary files, achieving RCE Thousands of endpoints are potentially at risk Sitecore Experience Platform, an enterprise-level content management system (CMS) carried three vulnerabilities which, when chained together, allowed threat actors full takeover of vulnerable servers, experts have warned….

Read More