0 Comments
Mar 08, 2024NewsroomInteroperability / Encryption Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union. “This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with
0 Comments
Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware.  The campaign, uncovered in December 2023 by Zscaler’s ThreatLabz, saw perpetrators distributing the SpyNote remote access Trojan (RAT) to Android users and NjRAT and DCRat to Windows users. These malicious URLs and files were identified on
0 Comments
Mar 07, 2024NewsroomVulnerability / Web Security Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity
0 Comments
The TA4903 group has been observed engaging in extensive spoofing of both US government agencies and private businesses across various industries. While primarily targeting organizations within the United States, TA4903 occasionally extends its reach globally through high-volume email campaigns. The overarching objective of these campaigns, as reported by Proofpoint in a new advisory published today, is
0 Comments
Mar 06, 2024NewsroomServer Security / Cryptocurrency Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. “The attackers leverage these tools to issue exploit code,
0 Comments
The hacking group GhostSec has seen a significant increase in its malicious activities over the past year, according to research conducted by Cisco Talos.  This surge includes the emergence of GhostLocker 2.0, a new variant of ransomware developed by the group using the Golang programming language.  GhostSec, in collaboration with the Stormous ransomware group, has
0 Comments
Mar 05, 2024NewsroomMalware / Cyber Threat North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to
0 Comments
Researchers have developed a computer worm that targets generative AI (GenAI) applications to potentially spread malware and steal personal data. The new paper details the worm dubbed “Morris II,” which targets GenAI ecosystems through the use of adversarial self-replicating prompts, leading to GenAI systems delivering payloads to other agents. Once unleashed, the worm is stored
0 Comments
Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a “key tool for onboarding and managing these money mules,” CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report. Details about the scam
0 Comments
The UK Home Office has breached data protection law by using electronic tags to monitor migrants, according to the Information Commissioner’s Office (ICO). The regulator said the government department failed to sufficiently assess the privacy intrusion of the continuous collection of individuals’ location information. It noted that 24/7 access to people’s movement is likely to
0 Comments
Mar 02, 2024NewsroomCybercrime / Social Engineering The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the
0 Comments
Read more on Ivanti vulnerabilities: Eight government agencies from the Five Eyes countries (Australia, Canada, New Zealand, the UK, and the US) issued an urgent warning on February 29 about the active exploitation of Ivanti product vulnerabilities. Specifically, the joint advisory assessed that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure
0 Comments
US President Joe Biden has warned that Chinese manufactured automobiles could be used to steal sensitive data of US citizens and critical infrastructure. The White House statement announced it will be conducting an investigation into the impact of “connected vehicles” containing technology from China on US national security. “I have directed my Secretary of Commerce
0 Comments
Leading drug distributor Cencora has disclosed a cybersecurity incident where data from its information systems was compromised, potentially containing personal information.  The breach was discovered on February 21 2024, according to a Securities and Exchange Commission (SEC) filing published on the same day. “Upon initial detection of the unauthorized activity, the Company immediately took containment steps
0 Comments
Feb 29, 2024NewsroomThreat Intelligence / Cyber Threat Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to
0 Comments
A joint Cybersecurity Advisory (CSA) issued by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command and international partners has raised alarms regarding Russian state-sponsored cyber actors’ exploitation of compromised Ubiquiti EdgeRouters. Identified as the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), these actors, also known
0 Comments
Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant
0 Comments
Cybersecurity researchers have discovered a significant vulnerability in the LiteSpeed Cache plugin for WordPress. The vulnerability affects the LiteSpeed Cache plugin, which boasts over 4 million active installations, and presents a risk of unauthenticated site-wide stored XSS (cross-site scripting). This could potentially allow unauthorized access to sensitive information or privilege escalation on affected WordPress sites via
0 Comments
Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. “This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any
0 Comments
A recent joint advisory released by CISA in collaboration with the UK National Cyber Security Centre (NCSC) and other domestic and international partners sheds light on the evolving tactics of Russian Foreign Intelligence Service (SVR) cyber actors. Referred to by various aliases such as APT29, Midnight Blizzard, the Dukes or Cozy Bear, this group has