News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within
The U.S. Attorney’s Office for the Eastern District of New York announced charges Monday against a cardiologist for selling the prominent ransomware tools known as Jigsaw and Thanos. Moises Luis Zagala Gonzalez, 55, was charged with attempted computer intrusions and conspiracy to commit computer intrusions. A Venezuelan resident and cardiologist, Zagala is accused of developing
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below – CVE-2022-22282 (CVSS score: 8.2) –
An Iranian hacking operation is melding state-sponsored cyber attacks with financially motivated ransomware heists. Researchers with Secureworks have dubbed the advanced persistent threat (APT) group “Cobalt Mirage,” linking the outfit to another Tehran-backed outfit known as Cobalt Illusion or APT35, which also worked with the support of the Iranian government. The security firm said in
A new joint advisory from U.S. government agencies and Five Eyes intelligence partners warned of increasing cyber attacks by nation-state threat actors and others against managed service providers. The Wednesday advisory focused entirely on managed service providers (MSPs), which are companies that remotely manage the IT infrastructure of other organizations. In addition to U.S. agencies
What are the top 10 spyware threats? The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot’s Spy Audit, a free spyware scanner tool. What is spyware? Spyware is a term that refers to malicious software that is purposely designed to access a computer
The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. “Analysis of these samples indicates that the developer has access to REvil’s source code, reinforcing the likelihood that the threat group has reemerged,” researchers from Secureworks Counter Threat Unit
Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that’s offered on sale for “dirt cheap” prices, making it accessible to professional cybercriminal groups and novice actors alike. “Unlike the well-funded, massive Russian threat groups crafting custom malware […], this remote access Trojan (RAT) appears to be
The U.S. Treasury Department issued sanctions against a cryptocurrency mixer accused of helping North Korean state-sponsored hackers launder cryptocurrency stolen from an attack on the Axie Infinity multiplayer game. Investigators with the Treasury’s Office of Foreign Assets Control believe that hackers associated with North Korea’s infamous Lazarus Group transferred around $20.5 million worth of money
Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities that is propagated by means of removable USB devices. Attributing the malware to a cluster named “Raspberry Robin,” Red Canary researchers noted that the worm “leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.” The earliest signs of the
SentinelOne discovered two high-severity vulnerabilities affecting Avast and AVG antivirus products that have existed since 2012. Threat detection vendor SentinelOne published a blog that disclosed the vulnerabilities on Thursday. The flaws concern Avast’s anti-rootkit driver, which is used by both Avast and AVG antivirus products (Avast acquired AVG in 2016). If exploited, a threat actor
The National Institute of Standards and Technology (NIST) on Thursday released updated cybersecurity guidance for managing risks in the supply chain, as it increasingly emerges as a lucrative attack vector. “It encourages organizations to consider the vulnerabilities not only of a finished product they are considering using, but also of its components — which
Eighty-three percent of organizations reported experiencing a successful email-based phishing attack in 2021, with 54% responding they dealt with more than three successful attacks in the same year, according to a Proofpoint survey. Phishing attacks, which were up 26% in 2021 over 2020, are one of the leading causes of data breaches. Preventing employees, partners
India’s computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. “Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents […] to CERT-In within six hours
Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. “By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular
At least six different Russia-aligned actors launched no fewer than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. “Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET