September 29, 2023   05:30 AM   1 The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknown 'LightlessCan' backdoor. The hackers utilized their ongoing "Operation Dreamjob" campaign, which entails approaching a target over LinkedIn and engaging in a fake employee recruitment process that, at some point, required the victim to...

September 28, 2023   10:52 AM   2 Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agents seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoena that demanded him to appear in court for testimony. Why, you ask? All because his IP address landed in the logs of a crypto wallet associated with a phishing...

September 15, 2023   09:05 AM   8 The Irish Data Protection Commission (DPC) has fined TikTok €345 million ($368 million) for violating the privacy of children between the ages of 13 and 17 while processing their data. Initiated in September 2021, the investigation into the company's data processing practices looked into how TikTok handled children's data from July 31 to December 31, 2020. The Irish Data Protection Authority found that TikTok...

September 17, 2023   02:34 PM   0 TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the videos pretending to be themes based on Elon Musk, Tesla, or SpaceX. Threat actors have created fake cryptocurrency giveaways on social media platforms like Instagram and Twitter for years. These scams pretend to be giveaways from celebrities, cryptocurrency exchanges, and, more...

September 12, 2023   05:32 PM   0 Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client. Tracked as CVE-2023-4863, the security flaw is caused by a heap buffer overflow in the WebP code library (libwebp), whose impact spans from crashes to arbitrary code execution. "Opening a malicious WebP image could lead to a heap buffer overflow...

July 20, 2023   08:02 AM   0 Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. The Unit 42 researchers who spotted the Rust-based worm (named P2PInfect) on July 11 also found that it hacks into Redis servers that have been left vulnerable to the maximum severity CVE-2022-0543 Lua sandbox escape...

July 21, 2023   08:02 AM   0 The U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children's privacy laws violations related to the company's Alexa voice assistant service. Amazon has offered Alexa voice-activated products and services targeted at children under 13 years old since May 2018. In May 2023, the Federal Trade Commission (FTC) and the U.S. Department of...

May 22, 2023   02:23 PM   0 The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks. The driver seen by Trend Micro is an improved version of the malware known as 'POORTRY' that Microsoft, Mandiant, Sophos, and SentinelOne spotted in ransomware attacks late last year.  The POORTRY malware is a Windows kernel driver signed using stolen keys...

April 26, 2023   05:35 PM   2 The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and sensitive information of over 300 million people, citizens of Ukraine, and various European countries. The seller was using Telegram to promote the stolen data to interested buyers, asking between $500 and $2,000 depending on the amount of data and its value. "The man was an administrator of closed groups and...

April 26, 2023   07:28 PM   0 ​Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. Last month, two vulnerabilities were fixed in the PaperCut Application Server that allows remote attackers to perform unauthenticated remote code execution and information disclosure: CVE-2023–27350 / ZDI-CAN-18987 / PO-1216: Unauthenticated remote code...

April 27, 2023   10:34 AM   0 A new macOS information-stealing malware named 'Atomic' (aka 'AMOS') is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month. For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, passwords, cookies, and credit cards stored in browsers. The malware also attempts to...

April 24, 2023   03:38 PM   0 A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register. The new attack was discovered by researchers at Tsinghua University, the University of Maryland, and a computer lab (BUPT) run by the Chinese Ministry of Education and is different than most other side-channel attacks. Instead of relying on the cache system like many other side-channel...

April 25, 2023   11:26 AM   0 A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with 2,200X amplification. This flaw, tracked as CVE-2023-29552, was discovered by researchers at BitSight and Curesec, who say that over 2,000 organizations are using devices that expose roughly 54,000 exploitable SLP instances for use in DDoS amplification...

April 24, 2023   07:47 AM   1 Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. The list of affected services includes but is not limited to Outlook on the Web, Exchange Online, SharePoint Online, Microsoft Teams, and Outlook desktop clients. "We're investigating an issue where users may be unable to use the search functionality in multiple Microsoft 365 services,"...

April 24, 2023   11:14 AM   0 APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices and, in a worst-case scenario, disabling its functionality altogether. Uninterruptible Power Supply (UPS) devices are vital in safeguarding data centers, server farms, and smaller network infrastructures by ensuring seamless operation amidst power fluctuations or outages. APC (by...