Security

Cyber Security Reviews – Security will bring to our readers what's happening on the Security scene around the world.

Threat actors have been observed using malvertising attacks to distribute virtualized .NET malware loaders dubbed “MalVirt.” According to a Thursday advisory by SentinelOne, the new loaders leverage obfuscated virtualization techniques to avoid detection. “The loaders are implemented in .NET and use virtualization, based on the KoiVM virtualizing protector of .NET applications, in order to obfuscate
A US man could face a maximum jail term of 40 years after being charged with fraudulently obtaining $110m of cryptocurrency from crypto exchange Mango Markets and its customers. Avraham Eisenberg, 27, was living in Puerto Rico when he carried out the alleged scheme, according to the Department of Justice (DoJ). He’s now been charged
Security experts claim to have discovered the first “cryptorom” scam applications to have successfully bypassed Apple’s strict App Store vetting processes. The two apps in question, Ace Pro and MBM_BitScan, were also discovered on Google Play. However, it is their presence on the App Store, usually governed by stricter security protocols, which will alarm users.
A critical new vulnerability disclosed by network-attached storage (NAS) vendor QNAP this week could be exploited on almost 30,000 devices globally, according to Censys. The security firm scanned the internet to find 67,415 hosts running QNAP-based systems around the world. Although it could only find the version number on 30,250 of them, a worrying 98%
A leading Taiwanese hardware manufacturer is urging its customers to patch a critical vulnerability in devices running the QTS or QuTS hero firmware. Network-attached storage (NAS) device maker QNAP said in the advisory yesterday that CVE-2022-27596 impacts QTS 5.0.1 and QuTS hero h5.0.1. “If exploited, this vulnerability allows remote attackers to inject malicious code,” it
by Paul Ducklin Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows, and its historical importance in internetworking (connecting two different sorts of network together) cannot be underestimated. In the late 1990s, Microsoft networking shed its opaque, proprietary nature and became an open standard known as CIFS,
Ukrainian cyber-experts have discovered multiple pieces of destructive malware that, earlier this month, were used in an attack targeting the country’s national news agency (Ukrinform). The country’s Computer Emergency Response Team (CERT-UA) revealed in an update that the attack was publicized on a Telegram channel “CyberArmyofRussia_Reborn” on January 17. After being asked by Ukrinform to
Researchers have found three separate vulnerabilities in OpenEMR, an open-source software for electronic health records and medical practice management. Clean code experts at Sonar published an advisory Wednesday about the discovered flaws by security researcher Dennis Brinkrolf. “During our security research of popular web applications, we discovered several code vulnerabilities in OpenEMR,” Brinkrolf wrote. “A combination of
by Naked Security writer Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two
The threat actor known as Cobalt Sapling has been spotted creating a new persona dubbed “Abraham’s Ax” to target Saudi Arabia for political leverage. The findings come from cybersecurity experts at Secureworks’ Counter Threat Unit (CTU), who published an advisory about the new threat earlier today. In a report shared with Infosecurity via email, Secureworks
A previously unknown, financially motivated North Korea state-sponsored threat actor has been observed testing several infection methods in the wild while adhering to a ‘startup’ culture mentality. The findings come from security researchers at Proofpoint, who called the group TA444 and said it has been active in its current form of targeting cryptocurrency exchanges since at
A new string of attacks against East Asian organizations has been spotted by security researchers and attributed to the threat actor known as DragonSpark. The campaign, discovered by SentinelLabs, uses the little-known open-source SparkRAT alongside malware tools to evade detection via source code interpretation techniques based on the Go programming language. “The DragonSpark attacks represent
by Paul Ducklin GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you’ve ever used GoTo Webinar (online meetings and seminars), GoToMyPC (connect and control someone else’s computer for management and support), or LastPass (a password management service), you’ve used a
An increasing number of threat actors have started relying on the command-and-control (C2) framework Sliver as an open-source alternative to tools such as Metasploit and Cobalt Strike. Security researchers at Cybereason described the new phenomenon in an advisory published last Thursday, adding that Sliver is gaining popularity due to its modular capabilities (via Armory), cross-platform
UK postal service Royal Mail announced on January 18, 2022, that it has resumed some “limited” international shipping following the ransomware attack that hit the company on January 11. These limited services include “International Standard and International Economy letters which do not require a customs declaration” and “International Business Standard (untracked) and International Business Economy
WhatsApp has been hit with a €5.5m ($5.9m) fine for GDPR violations by Ireland’s Data Protection Commission (DPC). In addition to the fine, WhatsApp Ireland has been directed to bring its data processing operations into compliance within six months. The case showcased significant disagreements between European data protection authorities about the extent of WhatsApp’s liability.