Docker-OSX image used for security research hit by Apple DMCA takedown

September 1, 2024 at 09:08AM The popular open-source project Docker-OSX, allowing virtualization of macOS on non-Apple hardware, has been removed from Docker Hub due to a DMCA takedown request from Apple, citing copyright violation. Although still available on GitHub without installer binaries, the case highlights legal challenges for open-source projects dealing with proprietary software and …

77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months

August 27, 2024 at 05:13PM Netwrix released findings from a survey on cybersecurity in the education sector. The study shows a 77% increase in cyberattacks from 2023, with common vectors being phishing and ransomware. Nearly half of organizations faced unplanned expenses due to security breaches, with some also incurring compliance fines and leadership changes. Remediation …

Google tags a tenth Chrome zero-day as exploited this year

August 26, 2024 at 06:00PM Google announced that it has fixed the tenth zero-day vulnerability exploited in 2024, either by attackers or security researchers in hacking contests. Based on the meeting notes, it appears that Google revealed the patching of the tenth zero-day exploit that was exploited in the wild in 2024 by either attackers …

‘Styx Stealer’ Blows Its Own Cover With Sloppy OpSec Mistake

August 21, 2024 at 04:39PM Security researchers from Check Point Research discovered valuable information about the creator of Styx Stealer, a new malware tool, due to the threat actor’s operational security lapse. They were able to identify the malware author as an individual from Turkey with connections to the operator of an Agent Tesla campaign, …

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug

August 8, 2024 at 01:36PM CrowdStrike disputes the claim from Qihoo 360 that the Falcon EDR sensor bug could lead to privilege escalation or remote code execution. They argue that the bug does not provide a way for arbitrary memory writes or execution control and that their security measures make exploitation highly unlikely. Multiple layers …

Samsung Bug Bounty Program Payouts Reach $5M, Top Reward Increased to $1M

August 6, 2024 at 11:30AM In 2023, Samsung paid nearly $5 million through its bug bounty program, with $828,000 disbursed. 113 researchers received rewards for reporting vulnerabilities in Galaxy mobile devices. The highest single reward of over $57,000 went to TASZK Security Labs. Samsung also increased the maximum reward to $1 million and introduced bonus …

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

August 6, 2024 at 08:06AM North Korean threat actor Moonstone Sleet is distributing malicious npm packages to infect Windows systems. Security researchers are tracking the threat actor, which is linked to a newly discovered North Korean malicious activity cluster. The actor’s attack chains involve bogus ZIP archives and fake technical skills assessments to deliver malicious …

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

August 2, 2024 at 07:00AM Researchers have identified a new Windows backdoor, known as BITSLOTH, using the Background Intelligent Transfer Service for command-and-control. It’s used by threat actors for keylogging, screen capturing, and data gathering. The malware also utilizes an open-source tool called RingQ, with potential ties to Chinese speakers. The attack leverages various tactics, …

Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

August 1, 2024 at 06:05PM Japanese researchers will demonstrate at Black Hat USA how attackers can insert malicious commands into the machine code of software interpreters, like VBScript and Python, to execute malicious code undetected. By exploiting the lack of bytecode scanning in security software, attackers can hide their activity, posing a significant supply chain …

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

August 1, 2024 at 09:06AM Italian cybersecurity firm Cleafy discovered an Android remote access trojan (RAT) called BingoMod. It’s capable of fraudulent money transfers and device wiping to erase malware traces. The RAT, attributed to a Romanian-speaking threat actor, uses remote access to exploit on-device fraud, and the malware is under active development. BingoMod employs …