Spoofed Zoom, Google & Skype Meetings Spread Corporate RATs

March 6, 2024 at 01:42PM A threat actor is leveraging fake Skype, Google Meet, and Zoom meetings to distribute malware targeting Android and Windows users. This campaign, discovered in December, poses a significant cybersecurity threat. By mimicking legitimate URLs and hosting on a single IP address, the attackers are successfully distributing malicious payloads, emphasizing the …

Zero-Click GenAI Worm Spreads Malware, Poisoning Models

March 4, 2024 at 06:02PM A worm known as “Morris II” exploits generative AI (GenAI) apps to propagate malware, stealing information, spreading spam, and more. Israeli researchers demonstrated how adversarial self-replicating prompts can manipulate AI, infecting systems via email and images. This presents a new threat to AI security, similar to injection attacks in computing’s …

In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware

March 1, 2024 at 11:21AM SecurityWeek’s cybersecurity news roundup compiles key developments in the industry, offering insight into critical vulnerabilities, policy changes, and industry reports. This week’s stories include Apple’s EU user security efforts, a macOS API bug, Intel’s vulnerability patching, CISA’s guide for university cybersecurity clinics, NSO’s court order, and China’s data security plan. …

Hacker arrested for selling bank accounts of US, Canadian users

February 19, 2024 at 08:38AM A 31-year-old Ukrainian cybercriminal was arrested for operating a cybercrime scheme targeting American and Canadian bank accounts. The suspect distributed trojanized software through websites and promoted them with online advertising. The hacker stole sensitive data and sold access to bank accounts on the dark web, potentially making over $92,000. The …

5 Steps to Improve Your Security Posture in Microsoft Teams

February 13, 2024 at 10:11AM Summary: Despite being underestimated, SaaS chat apps like Microsoft Teams and Slack are susceptible to sophisticated cyber threats, including phishing campaigns and malware attacks. These attacks exploit vulnerabilities in Teams’ external access settings, posing a growing risk to users. To mitigate these risks, organizations are advised to implement specific remediation …

No, 3 million electric toothbrushes were not used in a DDoS attack

February 7, 2024 at 01:23PM A reported story about 3 million electric toothbrushes being hacked to conduct DDoS attacks is likely a hypothetical scenario rather than an actual attack. The absence of evidence and lack of response from Fortinet, the alleged source, suggest the story is disputable. However, it serves as a reminder to secure …

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

January 12, 2024 at 02:38AM This blog summarizes the exploitation of CVE-2023-36025 by the Phemedrone Stealer campaign, which targets web browsers, cryptocurrency wallets, and messaging apps. The malware bypasses Windows Defender SmartScreen, allowing threat actors to execute malicious scripts. Despite Microsoft’s patch, the vulnerability continues to be exploited, posing a risk to organizations. Advanced security …

Microsoft disables MSIX protocol handler abused in malware attacks

December 28, 2023 at 02:05PM Microsoft disabled the MSIX ms-appinstaller protocol handler due to multiple financially motivated threat groups exploiting it to infect Windows users with malware. The attackers used the CVE-2021-43890 vulnerability to bypass security measures and distribute malware. Microsoft recommends installing the patched App Installer version 1.21.3421.0 or later and advised disabling the …