News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitation of which could “allow an attacker to execute arbitrary code in the context of
Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe “Pantsdown” Baseboard Management Controller (BMC) flaw, according to new research published today. “An attacker running code on a vulnerable QCT server would be able to ‘hop’ from the server host to the BMC and move their attacks to the server management network,
Over the past decade, REST APIs have become a de facto architectural approach for modern web and mobile application platforms. They separate data and presentation layers, allowing systems to scale in size and feature sophistication over time. However, as data moves across boundaries, security becomes a key concern for REST APIs containing sensitive information. One
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. “The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims,” Interpol said in a statement. Operation
Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don’t mitigate these risks are vulnerable to attack. In this article, we outline how containers contributed to agile development, which unique security risks containers bring into the picture – and
The move toward abandoning passwords is coming closer as Apple, Google and Microsoft announced plans to expand support for the Fast Identity Online Alliance’s FIDO2 specification, enabling users to enroll in passwordless authentication with multiple devices across the three platforms. Users will soon be able to use passwordless authentication in Android and iOS, Chrome, Edge
QNAP devices have been hit by DeadBolt ransomware for at least the second time in less than six months. In January, QNAP warned users that a new ransomware strain was widely targeting its network-attached storage (NAS) devices using an alleged zero-day vulnerability. DeadBolt was encrypting users’ data and demanding bitcoin payments in ongoing attacks on
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within
The U.S. Attorney’s Office for the Eastern District of New York announced charges Monday against a cardiologist for selling the prominent ransomware tools known as Jigsaw and Thanos. Moises Luis Zagala Gonzalez, 55, was charged with attempted computer intrusions and conspiracy to commit computer intrusions. A Venezuelan resident and cardiologist, Zagala is accused of developing
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below – CVE-2022-22282 (CVSS score: 8.2) –
An Iranian hacking operation is melding state-sponsored cyber attacks with financially motivated ransomware heists. Researchers with Secureworks have dubbed the advanced persistent threat (APT) group “Cobalt Mirage,” linking the outfit to another Tehran-backed outfit known as Cobalt Illusion or APT35, which also worked with the support of the Iranian government. The security firm said in
A new joint advisory from U.S. government agencies and Five Eyes intelligence partners warned of increasing cyber attacks by nation-state threat actors and others against managed service providers. The Wednesday advisory focused entirely on managed service providers (MSPs), which are companies that remotely manage the IT infrastructure of other organizations. In addition to U.S. agencies
What are the top 10 spyware threats? The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot’s Spy Audit, a free spyware scanner tool. What is spyware? Spyware is a term that refers to malicious software that is purposely designed to access a computer
The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. “Analysis of these samples indicates that the developer has access to REvil’s source code, reinforcing the likelihood that the threat group has reemerged,” researchers from Secureworks Counter Threat Unit
Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that’s offered on sale for “dirt cheap” prices, making it accessible to professional cybercriminal groups and novice actors alike. “Unlike the well-funded, massive Russian threat groups crafting custom malware […], this remote access Trojan (RAT) appears to be
The U.S. Treasury Department issued sanctions against a cryptocurrency mixer accused of helping North Korean state-sponsored hackers launder cryptocurrency stolen from an attack on the Axie Infinity multiplayer game. Investigators with the Treasury’s Office of Foreign Assets Control believe that hackers associated with North Korea’s infamous Lazarus Group transferred around $20.5 million worth of money