/images/us.svg)
/images/logo.svg){kind=logo}
/images/logoHover.svg)
/images/flags/en.png)
/images/dot.svg)
gnuadmin
- 6 min read
- Aug 23, 2023
In September 2024, several malicious libraries and tools were used in cyber attacks. Here are the main ones:
1. Backdoor in the XZ library.
A backdoor was discovered in XZ, a data compression utility. This allowed attackers to modify SSH server functions. The vulnerability (CVE-2023-3094) demonstrated the complexity and multi-stage nature of the infection. Attackers could send commands to infected servers.
2. ScreenConnect Vulnerabilities.
Attackers exploited vulnerabilities in ScreenConnect to introduce LockBit ransomware. Black Basta and Bl00dy have also exploited these vulnerabilities.
3. Mekotio Trojan.
A new Trojan, Mekotia, uses PowerShell to steal information. It establishes a connection with a remote server and downloads malicious files. It is a dangerous tool for cybercriminals.
4. DevPopper Trojan
This Trojan targets programmers and spreads through fake job offers. It allows attackers to control infected systems and steal data, which indicates active use of social engineering in cyber attacks.
5. Vulnerabilities in the Ray Framework. The vulnerability CVE-2023-48022 in the popular Ray framework allows attackers to gain access to confidential information, including source code for artificial intelligence models and database credentials.
These examples highlight the variety of methods and tools used by attackers in modern cyberattacks, as well as the need for constant updates to threat protection strategies. And you can still download a reliable and secure VPN from us.
