News

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitation of which could “allow an attacker to execute arbitrary code in the context of

Limited and fragmented ransomware reporting has a negative impact on national security, according to a U.S. Senate report. The report by the Committee on Homeland Security & Governmental Affairs this week noted how “fragmented and incomplete” reporting of ransomware attacks by victims has created a flawed picture of the threat landscape and has put federal

Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe “Pantsdown” Baseboard Management Controller (BMC) flaw, according to new research published today. “An attacker running code on a vulnerable QCT server would be able to ‘hop’ from the server host to the BMC and move their attacks to the server management network,

Over the past decade, REST APIs have become a de facto architectural approach for modern web and mobile application platforms. They separate data and presentation layers, allowing systems to scale in size and feature sophistication over time. However, as data moves across boundaries, security becomes a key concern for REST APIs containing sensitive information. One

A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. “The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims,” Interpol said in a statement. Operation

Two trojanized Python and PHP packages have been uncovered in what’s yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is “ctx,” a Python module available in the PyPi repository. The other involves “phpass,” a PHP package that’s been forked on GitHub to distribute

After Herminio Rodriguez started work as director of IT for the city of Sarasota, Fla., he discovered an issue with the city’s backups. “Nothing worked,” Rodriguez said of the backup jobs, in an interview with SearchDataBackup at last week’s VeeamON user conference. It was time to make a change. He made it just in time.

Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don’t mitigate these risks are vulnerable to attack. In this article, we outline how containers contributed to agile development, which unique security risks containers bring into the picture – and

The move toward abandoning passwords is coming closer as Apple, Google and Microsoft announced plans to expand support for the Fast Identity Online Alliance’s FIDO2 specification, enabling users to enroll in passwordless authentication with multiple devices across the three platforms. Users will soon be able to use passwordless authentication in Android and iOS, Chrome, Edge

Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code

QNAP devices have been hit by DeadBolt ransomware for at least the second time in less than six months. In January, QNAP warned users that a new ransomware strain was widely targeting its network-attached storage (NAS) devices using an alleged zero-day vulnerability. DeadBolt was encrypting users’ data and demanding bitcoin payments in ongoing attacks on

A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use of XOR-based encryption for communications with its command-and-control (C2) server, is known to have been

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama. Fast forward to today, affordable ransomware-as-a-service (RaaS) kits are available on

The U.S. Attorney’s Office for the Eastern District of New York announced charges Monday against a cardiologist for selling the prominent ransomware tools known as Jigsaw and Thanos. Moises Luis Zagala Gonzalez, 55, was charged with attempted computer intrusions and conspiracy to commit computer intrusions. A Venezuelan resident and cardiologist, Zagala is accused of developing

A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. “Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its

A first-of-its-kind security analysis of iOS Find My function has demonstrated a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that’s executed while an iPhone is “off.” The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below – CVE-2022-22282 (CVSS score: 8.2) –

Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle helps you collect

Google on Thursday announced the creation of a new “Open Source Maintenance Crew” to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine “whether a vulnerability in a dependency might affect

A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed

A new joint advisory from U.S. government agencies and Five Eyes intelligence partners warned of increasing cyber attacks by nation-state threat actors and others against managed service providers. The Wednesday advisory focused entirely on managed service providers (MSPs), which are companies that remotely manage the IT infrastructure of other organizations. In addition to U.S. agencies

An espionage-focused threat actor known for targeting China, Pakistan, and Saudi Arabia has expanded to set its sights on Bangladeshi government organizations as part of an ongoing campaign that commenced in August 2021. Cybersecurity firm Cisco Talos attributed the activity with moderate confidence to a hacking group dubbed the Bitter APT based on overlaps in

What are the top 10 spyware threats? The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot’s Spy Audit, a free spyware scanner tool. What is spyware? Spyware is a term that refers to malicious software that is purposely designed to access a computer

The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. “Analysis of these samples indicates that the developer has access to REvil’s source code, reinforcing the likelihood that the threat group has reemerged,” researchers from Secureworks Counter Threat Unit

Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that’s offered on sale for “dirt cheap” prices, making it accessible to professional cybercriminal groups and novice actors alike. “Unlike the well-funded, massive Russian threat groups crafting custom malware […], this remote access Trojan (RAT) appears to be

The U.S. Treasury Department issued sanctions against a cryptocurrency mixer accused of helping North Korean state-sponsored hackers launder cryptocurrency stolen from an attack on the Axie Infinity multiplayer game. Investigators with the Treasury’s Office of Foreign Assets Control believe that hackers associated with North Korea’s infamous Lazarus Group transferred around $20.5 million worth of money

A new malicious campaign has been spotted taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild. “It allows the ‘fileless’ last stage trojan to be hidden from plain sight in the file system,” Kaspersky researcher Denis Legezo said in a technical write-up published this week. The