Telegram App Flaw Exploited to Spread Malware Hidden in Videos

July 24, 2024 at 09:19AM A zero-day security flaw in Telegram’s Android app, dubbed EvilVideo, allowed attackers to share malicious files camouflaged as videos. The exploit appeared for sale in June 2024 and was addressed by Telegram in July’s version 10.14.5. Additionally, cybercriminals are leveraging the popularity of the Telegram-based game Hamster Kombat for monetary …

Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files

July 23, 2024 at 06:28AM Threat actors use sneaky techniques like swap files to conceal credit card skimmer malware in compromised websites. The skimmer captures payment information and exfiltrates it to an attacker-controlled domain. These actors also use defense evasion methods like malicious plugins and compromised administrator accounts. Site owners are advised on security measures …

Swipe Right for Data Leaks: Dating Apps Expose Location, More

July 22, 2024 at 03:14PM Security researchers from Belgium found that numerous dating apps may compromise users’ privacy by leaking sensitive data and even their exact location. All 15 apps analyzed had vulnerabilities that could be exploited to obtain sensitive user information. Additionally, trilateration techniques were used to pinpoint users’ precise locations, posing potential physical …

North Korean Hackers Update BeaverTail Malware to Target macOS Users

July 17, 2024 at 12:43PM Researchers have found a new variant of a stealer malware linked to North Korea, this time targeting job seekers with a malicious Apple macOS disk image file named “MiroTalk.dmg.” This malware, known as BeaverTail, can steal sensitive data from web browsers, crypto wallets, and iCloud Keychain. Additionally, a new malicious …

Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW

July 16, 2024 at 10:27AM Former GitHub engineers secured $20 million from Sequoia Capital for startup XBOW, aiming to use AI to boost the efficiency of pentesters, bug hunters, and security researchers. Founded by Oege de Moor and ex-GitHub engineers, the team includes former Lyft CISO Nico Waisman. XBOW’s AI autonomously passed 75% of web security benchmarks …

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection

July 15, 2024 at 01:39AM Cybersecurity researchers have uncovered a new version of the ransomware strain HardBit, featuring enhanced obfuscation and passphrase protection to hinder analysis efforts. The financially motivated threat group, which operates without a data leak site, communicates via the Tox messaging service and employs various tactics like credential theft and network discovery. Ransomware activity …

China’s APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

July 11, 2024 at 09:38PM APT41, a Chinese government-backed cyber espionage group, has added the DodgeBox loader and the MoonWalk backdoor to its malware toolbox. Zscaler’s ThreatLabz team attributes these new tools to APT41, indicating financially motivated crimes. DodgeBox exhibits advanced capabilities and evasive techniques, with MoonWalk using Google Drive for command-and-control communication. More details on MoonWalk …

Google increases bug bounty rewards five times, up to $151K

July 11, 2024 at 02:20PM Google has increased bug payouts through its Vulnerability Reward Program by up to 5x, with a maximum reward of $151,515 for a single security flaw. The new rewards apply to vulnerability reports submitted on or after July 11th. In addition, the company has expanded payment options and updated its rules …

‘Crystalray’ Attacks Jump 10X, Using Only OSS to Steal Credentials

July 11, 2024 at 10:04AM A threat actor known as “Crystalray” has been using open source software (OSS) to expand its operations in credential stealing and cryptomining. Researchers observed Crystalray using a range of OSS tools to carry out various stages of its attack chain. Despite its efficiency, the use of OSS opens the attacker …

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript

July 8, 2024 at 08:01AM Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510) that allows remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to …