Month: August 2023

Aug 31, 2023THNMalware / Cyber Threat An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. “Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the
A new security flaw has been discovered in the widely used All-in-One WP Migration Extensions plugin, potentially leaving millions of WordPress websites vulnerable to unauthorized access token manipulation. The All-in-One WP Migration plugin, a popular tool for seamlessly migrating WordPress websites, boasts over 60 million installations. The plugin offers premium extensions, including those for Box,
Aug 30, 2023THNMalware / Endpoint Security New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month. Microsoft’s container
The leak of the LockBit 3.0 ransomware builder has triggered a surge in personalized variants, impacting various organizations.  Writing in an advisory published last Friday, Kaspersky researchers Eduardo Ovalle and Francesco Figurelli have provided insights into the consequences of this breach, shedding light on the array of LockBit 3.0 derivatives. LockBit 3.0, also known as
by Paul Ducklin US food delivery compeny PurFoods, which trades as Mom’s Meals, has just admitted to a cyberintrusion that took place from 2023-01-16 to 2023-02-22. The company stated officially that: [The] cyberattack […] included the encryption of certain files in our network. Because the investigation identified the presence of tools that could be used
A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which is tracking the activity under the name UNC4841, described the threat actor as “highly responsive
The majority of Vietnam’s population live in rural areas and often lack access to financial services because banks and other institutions open most of their physical locations in cities. MFast wants to change that with what it says is the leading financial services distribution network in Vietnam. The company announced today it has raised $6
What is ISACA? ISACA is an independent, nonprofit, global association that engages in the development, adoption and use of globally acceptedinformation system(IS) knowledge and practices. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only. What does ISACA offer? ISACA provides guidance, benchmarks and governance tools for enterprises
The North Korean state-sponsored actor Lazarus Group recently started a new campaign targeting internet backbone infrastructure and healthcare entities in Europe and the US, security researchers from Cisco Talos have found. The researchers said that the attackers began exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) in January 2023, only five days after it was disclosed. This
Aug 28, 2023THNVulnerability / Active Directory Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL. “An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens,”
Chinese electric vehicle upstart Xpeng is acquiring the smart EV assets of Didi, China’s ride hailing giant, marking another significant alliance that the Tesla challenge has struck in recent months. In an announcement on Monday, Didi said the duo is forming a strategic partnership to “promote the global application of smart electric vehicles and technologies.”
The FBI has urged users of affected Barracuda appliances to replace them immediately, after warning that they’re still being targeted by a Chinese APT group. A Flash update issued by the agency this week revealed that zero-day vulnerability CVE-2023-2868 continues to be exploited by the group, dubbed UNC4841 by Mandiant, in cyber-espionage attacks. “Barracuda customers
Aug 26, 2023THNData Breach / SIM Swapping Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a “highly sophisticated” SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee’s T-Mobile account, the company said. “Specifically, T-Mobile, without any authority from or
Memes can happen in the blink of an eye, like a Jeopardy! contestant who accidentally makes a sexual innuendo under the pressure of stage lights, or a kid who randomly gets interviewed on a playground and professes his undying love for America’s most plentiful crop, corn. But as soon as we knew former President Donald
Reddit is launching the “Mod Helper Program” to reward moderators who offer helpful advice to other moderators, along with an updated moderator help center.  The announcement comes amid growing discontent among the site’s moderators, many of whom relied on third-party apps that have since been shut down because of Reddit’s API pricing. Moderators have asked