NetmanageIT CTO Corner
  • Home
  • About
  • Security News
  • How-To Articles
  • General Musings
  • Intel Reports
  • CVE Database
  • BlockLists
  • Internet Latency and Health
  • Useful Links
  • PWPush
  • PDFTools
  • SpeedTest
  • Email Header Analyzer
  • Security Training
  • MITRE Attack Navigator
  • NIST Framework
  • Internet Outage Map
  • Network Mapping and Design
Threat News

New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services

Daniel Bender

Sep 18, 2023
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services

A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation

Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. "There are indications from Google Threat Analysis
Oct 3, 2023
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch. "These vulnerabilities [...] can lead to
Oct 3, 2023
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers

Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers

Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data from developer systems, according to findings from Fortinet FortiGuard Labs. One set of packages – named @expue/webpack, @expue/core, @expue/vue3-renderer, @fixedwidthtable/fixedwidthtable, and @virtualsearchtable/virtualsearchtable – harbored an obfuscated
Oct 3, 2023
NetmanageIT CTO Corner © 2023
  • NetmanageIT Website
  • Dan Bender's LinkedIN
  • Internet Latency & Health Monitor
Powered by Ghost