The next post in our XNU memory safety series examines how our hardened kernel allocator performs in the real world against a previously patched but powerful UAF software vulnerability. In this detailed analysis, we find out what might happen if SockPuppet were to meet kalloc_type in iOS 16.
Attackers are distributing malware using a technique that abuses the URL schema.
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase.
European court to decide key liability issues over data breach but question mark hangs over HSE liability for ‘non-material’ damage such as stress
Cyberspace Administration says chip maker failed review, in a move that seems aimed at hitting back at U.S. chip ban
The iPhone maker is concerned workers could release confidential data as it develops its own similar technology.
The malware-infected AllWinner and RockChip-powered Android TV models are still available to purchase on Amazon.
A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.
An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.
This blog post seeks to draw out some high-level trends and anomalies based on our ongoing tracking of QakBot command and control (C2) infrastructure. By looking at the data with a broader scope, we hope to supplement other research into this particular threat family, which in general focuses on specific infrastructure elements; e.g., daily alerting on active C2 servers.
Interest in OpenAI’s latest version of its interactive language model has spurred a new wave of scam apps looking to cash in on the hype
A vulnerability (CVE-2023-32784) in KeePass can be exploited to retrieve the master password from the software's memory.
The vulnerability was assigned CVE-2023-32784. It should be fixed in KeePass 2.54, which should come out in ~July 2023. Thanks again to Dominik Reichl for his fast response and creative fix!
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
Attacker activity in Microsoft Azure that we attribute to a financially motivated threat actor.
Comme d’autres médias, «Le Temps» a été sommé par CH Media et la NZZ, via leurs avocats, de ne publier aucune information confidentielle liée à la cyberattaque subie. En Suisse alémanique, deux médias ont dû modifier des articles en ligne
Highlights: CloudGuard Spectrals detected malicious extensions on the VSCode marketplace Users installing these extensions were enabling attackers to
Fake hardware cryptowallet, and how bitcoins were stolen from it.
Today, the FBI confirmed they have access to the database of the notorious BreachForums (aka Breached) hacking forum after the U.S. Justice Department also officially announced the arrest of its…
An unusual attack/phishing campaign delivering malware while using meme-filled code and complex obfuscation methods continues dropping Xworm payloads for the last few months and is still ongoing today.
