Month: March 2023

A new malware toolset has been discovered and analyzed by security experts at SentinelOne. Dubbed “AlienFox” by the team, the toolkit can harvest credentials for multiple cloud service providers. An advisory published on Thursday by SentinelOne threat researcher Alex Delamotte shows that attackers used AlienFox to successfully harvest API keys and secrets from various services, including
Mar 31, 2023Ravie LakshmananCyber Espionage / APT The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. “TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them
Multiple security firms have sounded the alarm about an active supply chain attack that’s using a trojanized version of 3CX’s widely-used voice and video-calling client to target downstream customers.  3CX is the developer of a software-based phone system used by more than 600,000 organizations worldwide, including American Express, BMW, McDonald’s and the U.K.’s National Health
Researchers with Israeli startup Legit Security discovered a vulnerability in Microsoft Azure Pipelines that could let threat actors submit malicious code to development workflows and launch supply chain attacks. In a blog post on Thursday, Legit Security revealed the technical details of CVE-2023-21553, a high-severity vulnerability affecting Azure DevOps Server that Microsoft patched in February’s
Mar 30, 2023Ravie LakshmananNetwork Security A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client
The ransomware gang known as Clop has been observed exploiting a pre-authentication command injection vulnerability (CVE-2023-0669) in Fortra’s file transfer solution GoAnywhere MFT. The high-level vulnerability has a CVSS:3.1 score of 7.2 and was exploited against several companies in the US and elsewhere, according to a new advisory by security experts at CloudSEK. The flaw
Mar 29, 2023Ravie LakshmananZero-Day / Mobile Security A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google’s Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release
How content creators and subscribers can embrace the social media platform without (overly) exposing themselves to the potentially toxic brew of NSFW content and privacy threats By now you’ve most probably heard of, or possibly even use, OnlyFans. Launched in 2016, this subscription service for content creators gained momentum over the course of the pandemic
Yesterday, the ride-sharing company Lyft said its two co-founders, John Zimmer and Logan Green, are stepping down from managing the company’s day-to-day operations, though they are retaining their board seats. According to a related regulatory filing, they actually need to hang around as “service providers” to receive their original equity award agreements. (If Lyft is sold
The French government has announced plans to ban “recreational” apps, including TikTok, Netflix, Instagram, Candy Crush and Twitter, from officials’ devices. The move will be monitored by The National Cybersecurity Agency of France (ANSII) and is expected to affect roughly 2.5 million government officials. “Recreational applications do not deliver sufficient levels of cybersecurity and data protection to
Mar 28, 2023Ravie LakshmananAdvanced Persistent Threat An advanced persistent threat (APT) group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development
Generative AI is disrupting industries — with understandable controversy. Earlier this month, Danny Postma, the founder of Headlime, an AI-powered marketing copy startup that was recently acquired by Jasper, announced Deep Agency, a platform he describes as an “AI photo studio and modeling agency.” Using art-generating AI, Deep Agency creates and offers “virtual models” for
Enterprise users can now further authenticate Zoom meeting attendees to decrease the threat of participant impersonation as deep fakes become a growing concern. The new security feature, Okta Authentication for End-To-End Encryption (E2EE), launched Monday and is available for all paid Zoom customers. Once it is enabled under the security tab, verified Zoom meeting participants
A new information-stealing malware (infostealer) has been observed targeting Catalina and newer versions of macOS running on Intel M1 and M2 CPUs. Security researcher Shilpesh Trivedi from Uptycs discussed the findings in an advisory published on Friday. “The Uptycs threat research team has discovered a macOS stealer that […] controls its operations over Telegram,” Trivedi wrote.
Pinterest announced today that it’s testing ways to integrate Shuffles collage content into Pinterest, starting with shopping. Shuffles, which is Pinterest’s collage-making app, launched to the general public last November. To use Shuffles, users build collages using Pinterest’s own photo library or by snapping photos of objects they want to include with their iPhone’s camera. The