virtual network computing | Breaking Cybersecurity News | The Hacker News

The North Korea-linked  Lazarus Group  (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as  Operation Dream Job . "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky  said  in its APT trends report for Q3 2023. "To avoid detection by behavior-based security solutions, this backdoored application operates discreetly, only activating when the user selects a server from the drop-down menu of the trojanized VNC client." Once launched by the victim, the counterfeit app is designed to retrieve additional payloads, including a known Lazarus Group malware dubbed  LPEClient , which comes fitted with capabilities to profile compromised hosts. Also deployed by the adversary is an updated version of  COPPERHEDGE , a backdoor known for runn

Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system. VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB (Remote FrameBuffer) that allows users to remotely control another computer, similar to Microsoft's RDP service. The implementation of the VNC system includes a "server component," which runs on the computer sharing its desktop, and a "client component," which runs on the computer that will access the shared desktop. In other words, VNC allows you to use your mouse and keyboard to work on a remote computer as if you are sitting in front of it. There are numerous VNC applications, both free and commercial, compatible with widely used operating systems like Linux, macOS, Windows, and Android. Considering

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica