admin

Dozens of websites set up to deliver trojanized versions of WhatsApp and Telegram apps have been spotted targeting Android and Windows users. As discovered by security researchers at ESET, most of these apps rely on clipper malware designed to steal or modify the contents of the Android clipboard. Read more on clipper malware here: Shein

by Paul Ducklin THE PRICE OF FAST FASHION Lucky Thirteen! The price of fast fashion. Firefox fixes. Feature creep fail curtailed in Patch Tuesday. No audio player below? Listen directly on Soundcloud. With Paul Ducklin and Chester Wisniewski. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google

The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed information regarding a .NET deserialization vulnerability (CVE-2019-18935) in the Progress Telerik user interface (UI) for ASP.NET AJAX. CISA described the findings in an advisory on Wednesday, saying multiple cyber-threat actors were able to exploit the flaw, which also affected the Microsoft Internet Information Services (IIS) web server

by Paul Ducklin Heard of cricket (the sport, not the insect)? It’s much like baseball, except that batters can hit the ball wherever they like, including backwards or sideways; bowlers can hit the batter with the ball on purpose (within certain safety limits, of course – it just wouldn’t be cricket otherwise) without kicking off

A new malware campaign targeting an East Asian company that develops data-loss prevention (DLP) software for government and military entities has been attributed to the advanced persistent threat (APT) group known as Tick. According to an advisory published by ESET on Tuesday, the threat actor breached the DLP company’s internal update servers to deliver malware

by Paul Ducklin Thanks to the precise four-week length of February this year, last month’s coincidence of Firefox and Microsoft updates has happened once again. Last month, Microsoft dealt with three zero-days, by which we mean security holes that cybercriminals found first, and figured out how to abuse in real-life attacks before any patches were

A previously unknown threat actor has been observed conducting espionage campaigns against CIS (Commonwealth of Independent States) entities. Dubbed YoroTrooper by the Cisco Talos team, the threat actors mainly targeted government and energy organizations across Azerbaijan, Tajikistan and Kyrgyzstan. “We also observed YoroTrooper compromise accounts from at least two international organizations: a critical European Union

by Paul Ducklin Linux has never suffered from the infamous BSoD, short for blue screen of death, the name given to the dreaded “something went terribly wrong” message associated with a Windows system crash. Microsoft has tried many things over the years to shake that nickname “BSoD”, including changing the background colour used when crash

A total of 13 vulnerabilities have been found in the E11 smart intercom devices made by Chinese manufacturer Akuvox, allowing remote code execution (RCE), network access and more. Writing in an advisory published last week, Vera Mens, a security researcher at Claroty’s Team82, said the flaws could be exploited via three different attack vectors: RCE

New Linux versions of the IceFire ransomware were deployed in February, against enterprise networks of several media and entertainment sector organizations worldwide. According to security researchers at SentinelOne, the campaign leveraged the exploitation of CVE-2022-47986, a recently patched deserialization vulnerability in IBM Aspera Faspex file-sharing software. “The operators of the IceFire malware, who previously focused only

A new variant of the Xenomorph Android banking trojan has been spotted by ThreatFabric security researchers and classified as Xenomorph.C. The variant, developed by the threat actor known as Hadoken Security Group, represents a substantial upgrade from the malware previously observed by ThreatFabric, according to an advisory published by the company earlier today. “This new

by Paul Ducklin Chinese “fast fashion” brand SHEIN is no stranger to controversy, not least because of a 2018 data breach that its then-parent company Zoetop failed to spot, let alone to stop, and then handled dishonestly. As Letitia James, Attorney General of the State of New York, said in a statement at the end

The White House has allocated a total of $3.1bn to cybersecurity infrastructure in its latest budget report. Published on Thursday, the document shows $145m of this figure will go toward making the Cybersecurity and Infrastructure Security Agency (CISA) “more resilient and defensible.” Of the remaining funds, $98m will be invested in implementing the Cyber Incident Reporting

by Paul Ducklin YOU MUST HAVE THIS CHIP! EVEN IF IT HAS BUGS! Memories of Michelangelo (the virus, not the artist). Data leakage bugs in TPM 2.0. Ransomware bust, ransomware warning, and anti-ransomware advice. No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.

The threat actor known as “8220 Gang” has been associated with a new payload targeting an exploitable Oracle Weblogic Server in a specific Uniform Resource Identifier (URI). The payload, analyzed by Fortinet security researchers, is characterized by the extraction of ScrubCrypt, a type of malware designed to obfuscate and encrypt applications with the goal of