Google’s threat hunting unit has again intercepted an active North Korean APT actor sliding into the DMs of security researchers and using zero-days and rigged software tools to take control of their computers. Google’s Threat Analysis Group (TAG) recently reported the government-backed hacking team’s social media accounts and warned that at least one actively exploited zero-day is being used and is currently unpatched.
Cybersecurity investigators are warning of a new type of phishing attack that abuses Google Looker Studio to bypass protections. Google Looker Studio is a legitimate online tool for creating customizable reports, including charts and graphs that can be easily shared with others. Looker Studio, formerly Google Data Studio, is an online tool for converting data into customizable informative reports and dashboards introduced by Google on 15 March 2016 as part of the enterprise Google Analytics
The Internet runs on open-source software (OSS). It is probably fair to say that open source is everywhere. The Linux kernel, one of the building blocks of open source, is embedded in everything from most supercomputers and cloud computing to billions of phones and most operating systems. “Open Source” software, as its name suggests, is available to anyone, and it poses a particular challenge in tracking what is happening at all times. This, in turn, leads to the potential for unique and serious
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change,
Cyber security researchers identified a new information-stealing malware that targets browsers and cryptocurrency wallets. Although the malware, called Bandit Stealer, has only targeted Windows systems so far, it has the potential to expand to other platforms such as Linux. What makes Bandit Stealer particularly dangerous is that it’s difficult for victims to detect, researchers at Trend Micro wrote in a report published last week.
For example, Bandit Stealer can bypass Windows Defender, a sec
Millions of consumers are now being urged to check their devices quickly after security experts found a new threat targeting Android phones. The team at McAfee Mobile Security discovered the most recent attack, which can infect well-known applications with a malicious software library and start carrying out tasks without the smartphone owners' authorization.
Cyber criminals can use a contaminated app to view Wi-Fi history, Bluetooth devices connected to a phone, apps used, and even nearby GP
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full us
Google has launched Bard, yes Bard, the search giant’s answer to OpenAI’s ChatGPT and Microsoft’s Bing Chat. Unlike Bing Chat, Bard does not look up search results; all the information it returns is generated by the model itself. But it is still designed to help users brainstorm and answer queries. Google wants Bard to become an integral part of the Google Search experience.
In a recent live demo, Google demonstrated that Bard came up with ideas for a child’s bunny-themed birthday party and g
In 2015, ISIS conducted a series of coordinated attacks around Paris that killed 130 people and wounded nearly 500 more. Two years later, 39 people were killed in an ISIS attack on an Istanbul nightclub during the early hours of New Year’s Day. This week, the US Supreme Court will hear oral arguments in a pair of cases arising from those attacks. The justices’ decisions in Gonzalez v. Google and Twitter v. Taamneh could reshape legal liability for some of the nation’s largest technology compan
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacte
A new Phishing-as-a-Service (PhaaS) named EvilProxy (also known as Moloch) was seen for sale in dark web forums, according to researchers. Moloch ransomware is a computer virus infection that encrypts all personal victim files on an affected device and demands a ransom for unlocking them. This file-locking parasite belongs to a relatively small Makop ransomware family compared to others, such as Djvu or Dharma.
EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA
Google Cloud has claimed to have blocked the largest Layer 7 (HTTPS) DDoS attack to date after a Cloud Armor customer was targeted by a series of attacks that peaked at 46 million requests per second (rps). Google explained the attack, which occurred on 1 June 2022, was at least 76% larger than the previously reported HTTPS DDoS record and showed characteristics that link it to the Mēris attack family.
Google said its Cloud Armor Adaptive Protection was able to detect and analyze the traffic ea
Google Search and Drive are erroneously flagging links to Association for Computing Machinery (ACM) research papers and websites as ‘malware.’ This 'issue' was first reported by a German researcher. Founded in 1947 and located in New York City, US, as a non-profit, ACM is the world's largest scientific and educational computing society. As of 2019, ACM's membership comprises nearly 100,000 students and professionals involved in the field of computing.
Its research paper allegedly "violates" Goo
- Red Sky Alliance identified 40,622 connections from new IPs checking in with our Sinkholes
- MS hit 45 x – 2nd week
- Analysts identified 1,801 new IP addresses participating in various Botnets
- Apple, Google and the US FTC
- Guns and California Data Hacks
Link to full report: IR-22-182-001_weekly182.pdf
Cyber threat actors are now using socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines to take over an end user’s computer, researchers have found. It is one of a number of stealthy ways threat actors recently have been targeting desktop users through trusted applications they use daily, using emails that are designed to evade security detections and appear legitimate.
New research from Avanan https://avanan.co
- Red Sky Alliance identified 24,345 connections from new IPs checking in with our Sinkholes
- Microsoft IPs in UK and N. Ireland hit
- Analysts identified 1,435 new IP addresses participating in various Botnets
- Rook Ransomware
- More Log4j
- Ukraine Cyber Bust
- UK NHS
- Who’s Winning?
- Google Docs
- The Electric Grid’s Hot Wires
- BLM suing LAPD
Link to full report: IR-22-014-001_weekly014.pdf
- Red Sky Alliance identified 33,092 connections from new unique IP Addresses
- Analysts identified 1,485 new IP addresses participating in various Botnets
- Variations of dnSpy are still being used as a Lure
- Agent Tesla
- Phishing Campaigns Targeting NGOs
- Bing v. Google and Videos
- Chinese general buys land in TX, why?
- Cloud service company Fastly, Shut Down
- Quanta Computer – Taiwan
- Amazon Prime accused of Spying??
Link to full report: IR-
- Red Sky Alliance identified 34,034 connections from new unique IP addresses
- Analysts identified 3,876 new IP addresses participating in various Botnets
- 20 new unique email accounts compromised with Keyloggers were observed this week
- Soccer player’s name Berat Can Sonmez is being used to lure Victims
- EggShell Malware
- New US-IRS Phishing Campaign
- WordPress Vulnerabilities
- ClearURL and Google
- Honeywell and Molson Coors Attacked
- Manufacturing IT & OT
In addition to the aggravation of having to find the “car” in a series of pictures, a phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies.