Recent Security News

  • Google links WinRAR exploitation to Russian, Chinese state hackers

    October 18, 2023 at 12:49PM
    Google’s Threat Analysis Group has identified state-backed hacking groups, including Sandworm, APT28, and APT40, exploiting a vulnerability in WinRAR, a popular file-compression utility. The bug allows attackers to execute arbitrary code on users’ systems. Despite a patch being available, many users remain vulnerable. The bug has been exploited since April,…

  • Google Play Protect adds real-time scanning to fight Android malware

    October 18, 2023 at 12:28PM
    Google has introduced real-time scanning features for Google Play Protect to improve the detection of malicious apps that use polymorphism. This will help enhance the safety of Android users and reduce malware infections. The scanning occurs at the code level and sends behavioral signals to be analyzed for malicious activity.…

  • MATA malware framework exploits EDR in attacks on defense firms

    October 18, 2023 at 12:28PM
    The MATA backdoor framework has been observed in attacks targeting oil and gas firms and the defense industry in Eastern Europe between August 2022 and May 2023. The attacks used spear-phishing emails to trick victims into downloading malicious executables that exploit a vulnerability in Internet Explorer. The updated MATA framework…

  • North Korea’s Kimsuky Doubles Down on Remote Desktop Control

    October 18, 2023 at 12:15PM
    North Korea’s Kimsuky cyber threat group has been found to be using Remote Desktop Protocol (RDP) and other tools to remotely take over targeted systems. The group has also been leveraging open source software such as TightVNC and Chrome Remote Desktop. Kimsuky continues to use spear phishing as its initial…

  • Google links WinRAR exploitation to multiple state hacking groups

    October 18, 2023 at 11:16AM
    State-backed hacking groups, including Sandworm, APT28, and APT40, are exploiting a vulnerability in WinRAR to execute arbitrary code on targeted systems. The bug, known as CVE-2023-38831, has been exploited since April 2023, enabling threat actors to deliver various malware payloads. Despite a patch being available, many users remain vulnerable. Google…
