Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

June 21, 2024 at 10:45AM

The SneakyChef, a Chinese-speaking threat actor, has conducted an espionage campaign targeting government agencies in Asia and EMEA since August 2023. They have used SugarGh0st malware and a new remote access trojan codenamed SpiceRAT, employing various infection chains and techniques, expanding their scope to countries including Angola, India, Latvia, Saudi …

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’

June 11, 2024 at 09:52AM

Apple released visionOS 1.2 to address numerous vulnerabilities, with the standout CVE-2024-27812 specific to the Vision Pro headset. The update also prompted new security advisories for iOS, macOS, and other products, consolidating CVEs. The vulnerabilities could lead to code execution, information disclosure, and DoS, with the acknowledged researcher considering it …

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services

April 23, 2024 at 06:57AM

Microsoft’s PlayReady technology faces vulnerabilities, allowing rogue subscribers to download protected content from streaming services. AG Security Research’s founder, Adam Gowdiak, discovered these flaws over a nine-month period and has released tools to exploit them. While Microsoft is investigating, Gowdiak is reluctant to fully disclose his findings without a commercial …

Malware dev lures child exploiters into honeytrap to extort them

April 21, 2024 at 02:55PM

A new malware campaign targets child exploiters using extortion tactics, such as locking desktops and encrypting files. Recently, a malware executable called ‘CryptVPN’ targets those seeking child pornography, pretending to be a subscription service. The malware changes the target’s wallpaper to an extortion demand and drops a ransom note, demanding …

Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

April 10, 2024 at 09:45AM

Cybersecurity researchers have detected a new Raspberry Robin campaign using malicious Windows Script Files to spread malware since March 2024. The campaign, historically spread through USB drives, has expanded to other initial infection methods, including social engineering and malvertising. The WSF files function as downloaders to retrieve the main DLL …

Misconfigured Firebase instances leaked 19 million plaintext passwords

March 19, 2024 at 07:30PM

Security researchers discovered nearly 19 million plaintext passwords exposed due to misconfigured Firebase instances, with millions of sensitive user records including emails, names, phone numbers, and billing information. The trio of researchers scanned over five million domains and found 916 websites with inadequate security rules. They alerted impacted companies and …

How to Identify a Cyber Adversary: What to Look For

March 13, 2024 at 02:41PM

Attribution of cyber incidents is vital for legal and security actions, but it’s becoming more challenging. A framework for attribution includes victimology analysis, categorizing adversary tools, understanding time implications, investigating malicious infrastructure, reviewing implementation techniques, and assessing collected intelligence for accuracy and exclusivity. Rushing attribution can lead to disastrous consequences, …

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

February 21, 2024 at 01:15AM

A recently discovered influence operation targeted Ukraine, using spam emails to spread war-related disinformation. Slovak cybersecurity company ESET linked the activity to Russia-aligned threat actors, uncovering spear-phishing campaigns and disinformation emails with PDF attachments. The campaign, named Operation Texonto, sent messages to Ukrainian government, energy companies, and individuals, while also …

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting

February 14, 2024 at 02:51PM

Foreign government-backed hacking teams are leveraging OpenAI’s ChatGPT for malicious activities, including vulnerability research, target reconnaissance, and malware creation. Microsoft and OpenAI collaborated to study the use of large language models (LLMs) by these actors and found multiple known APTs experimenting with ChatGPT for malicious purposes. Microsoft took measures to …

Free Rhysida ransomware decryptor for Windows exploits RNG flaw

February 12, 2024 at 10:48AM

South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the …