All Articles (2242)

How was your Easter bank holiday?  Did you use it well by, for instance, preventing a globally destructive cyber-attack?  No? Try harder, then.  Last weekend, a cautious, longstanding and very nearly successful attempt to insert a backdoor into a widely used piece of open-source software was thwarted, effectively by accident.  The following is from Ars Technica.[1]  Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those f

Let’s face it, we are all aware of the ever-increasing cyber risk in our personal lives, our workplaces and wider society.  As consumers we hand over ever-increasing volumes of valuable personal data in the expectation that organizations will invest in robust cyber security to protect it and keep it secure.  Legislation also exists to drive standards through the UK General Data Protection Regulation (GDPR), with the potential for a fine of up to 4 per cent of global turnover for companies failing to adh

Phishing-as-a-service, or PhaaS, is a cyber threat subscription service, much like any number of other “as a service” types you may be familiar with, such as ransomware-as-a-service.  One of the noted early pioneers of this model is BulletProofLink.  This operation was taken down by Malaysian law enforcement in November of last year in collaboration with the Australian Federal Police and the FBI.

The general idea of phishing-as-a-service is that service providers are offering ready-to-use phis

Apple's latest acquisition of yet another AI startup provides insight into the tech giant's plans for artificial intelligence in 2024.  The startup, DarwinAI, is a Canadian visual quality inspection business that has developed ways to make AI systems smaller and more efficient.  Apple’s CEO Tim Cook has vowed to share more details about the company's AI advancements in 2024, and this latest acquisition of a company that makes AI systems run efficiently on smaller devices could reinforce the idea

ANY.RUN,[1] the interactive malware sandbox provider, has issued a warning about BunnyLoader, a rapidly evolving malware written in C/C++.  The new version, BunnyLoader 3.0, boasts enhanced capabilities and requires users and organizations to be more vigilant than ever.

First released in September 2023, BunnyLoader's malicious functions range from exfiltrating credentials to stealing cryptocurrency wallets and dropping additional malware.

Here are some of the key changes introduced in BunnyLoader

The Checkmarx Research team recently discovered an attack campaign targeting the software supply chain, with evidence of successful exploitation of multiple victims.  These include the Top.gg GitHub organization (a community of over 170k users) and several individual developers.  The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python mirror, and publishing malicious

Most attempts at building a humanoid robot, such as Tesla's Optimus, focus on assisting humans with physical, manual tasks.  A company called Figure, https://www.figure.ai, is among the AI robotics startups unsatisfied with just movement.  Figure is trying to take its humanoid robots to the next level by integrating language, and the results are quite impressive.  Figure has designed its robots for the human world, using the human form.  Their robot, Figure 1, combines the human form's

Beginning 7 March 2024, EclecticIQ analysts identified an uncategorized threat actor that utilized a modified version of the open-source information stealer HackBrowserData[1] to target Indian government entities and the energy sector.  The information stealer was delivered via a phishing email masquerading as an invitation letter from the Indian Air Force.  The attacker utilized Slack channels as exfiltration points to upload confidential internal documents, private email messages, and cached web b

Meta’s decision to close its CrowdTangle division, a tool that tracks content across social media, has raised the ire of more than 100 research and advocacy groups who say it will make it harder to fight disinformation.

Groups including the Mozilla Foundation, the Center for Democracy and Technology and Access Now sent the social media behemoth an open letter Thursday decrying the decision to shutter the unit in August, asking Meta to, at a minimum, invest in CrowdTangle through January.  Meta a

On 16 March 2024, Sentinel Labs identified a suspicious Linux binary uploaded from Ukraine.  Initial analysis showed surface similarities with the infamous AcidRain wiper used to disable KA-SAT modems across Europe at the start of the Russian invasion of Ukraine (commonly identified by the ‘Viasat hack’ misnomer).  Since our initial finding, no similar samples or variants have been detected or publicly reported until now.  This new sample is a confirmed variant called ‘AcidPour’, a wiper with si

A sophisticated Brazilian banking Trojan uses a novel method to hide its presence on Android devices.  A multi-tooled Trojan cuts apart Brazil's premier wire transfer app.  Could similar malware do the same to Venmo, Zelle, or PayPal?

"PixPirate" is multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly three years old, it is already integr

Britain’s democracy is under threat from Chinese cyber-attacks, Parliament was warned on 25 March, following the hacking of voter details and the targeting of several China hawks in Parliament.  The UK’s Deputy Prime Minister briefed MPs on the cyberthreat from China and is expected to announce reprisals against those believed to be involved, according to government insiders.  He pointed the finger at China over an alleged hacking that hit British vote

Leaders of South Florida’s Port Everglades and Port Miami have met with US Coast Guard officials to review cybersecurity programs aimed at reducing the possibility that giant Chinese-made cranes operating at the region’s ports and others in the US pose a national security threat.

In late February, the Biden administration announced it planned to invest billions in the US manufacture of ship-to-shore cranes that transfer millions of tons of cargo annually at major American seaports.  The action

DarkGate malware operators have been exploiting a now-patched Windows SmartScreen bypass flaw through a phishing campaign that distributes fake Microsoft software installers to propagate the malicious code.  Earlier this year, researchers discovered a then-zero-day Internet Shortcut Files security feature bypass vulnerability, tracked as CVE-2024-21412.  Microsoft patched it as part of its February 2024 edition of Patch Tuesday updates.  That was not before attackers such as Water Hydra exploited i

Two teenage boys from Miami, FL, were arrested in December of last year for allegedly creating and sharing AI-generated nude images of male and female classmates without consent, according to police reports obtained via a public record request.  The arrest reports say the boys, aged 13 and 14, created the images of the students “between the ages of 12 and 13.”  For readers who have watched the 1981 sex comedy film “Porky’s,” this mischief is similar but is a 21st-century version.  https://www.jus

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint distributed denial-of-service (DDoS) attack guidance for federal, state, local, tribal, and territorial government entities to serve as a comprehensive resource to address the specific needs and challenges faced by government agencies in defending against DDoS attacks.

Distributed denial-of-service a

Our friends at Fortinet (https://www.fortinet.com) have patched a critical Remote Code Execution (RCE) vulnerability in its FortiClient Enterprise Management Server (EMS) for managing endpoint devices.  The flaw, identified as CVE-2024-48788, stems from an SQL injection error in a direct-attached storage component of the server.  It gives unauthenticated attackers a way to execute arbitrary code and commands with system admin privileges on affected systems, using specially crafted requests.[1]

For

The attached US DHS CISA fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”  CISA—along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners[1]—released a major advisory on 7 February 2024, in which the U.S. authoring agencies warned cybersecurity defenders that Volt Typhoon has been pre-positioning t

The first person in the UK to be convicted of a ‘cyber flashing’ offence has been jailed for 66 weeks after a judge warned him she had a “duty to protect” victims.  The sentence was passed down at Southend Crown Court after he sent unsolicited explicit photos to a 15-year-old and a woman.  The 39-year-old male, from Basildon, Essex, sent the victims digital pictures of his genitals on 9 February 2024.[1]

Cyber flashing refers to the sending of an unsolicited sexual image to people via social m

The technical article below from Palo Alto Networks focuses on the newly released BunnyLoader 3.0, a historical observation of BunnyLoader infrastructure, and an overview of its capabilities.  BunnyLoader is actively developed malware that can steal information, credentials, and cryptocurrency and deliver additional malware to its victims.  In an increasingly cutthroat market, cybercriminals must regularly update and retool their malware to compete with other cybercriminals, security tools,