A Romanian hacker claims to have found a hole in the website for security firm BitDefender. According to a post by someone using the alias Unu on hackersblog.org, an SQL injection vulnerability persists in the site's news section. Recently, websites belonging to security firms F-Secure and Kaspersky Lab were compromised, and a Portuguese partner site belonging to BitDefender was also hit. All three companies deny that any personal information was exposed to the attackers. — CAM
As part of its latest attacks discovered in June, Tropic Trooper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.