Learn more about a failed extortion scheme against Dragos in May 2023. No Dragos systems were breached, including anything related to the Dragos Platform.
The International Mobile System Is Exposed and a Loophole Allows Hackers, Cybercriminals and States to Geolocate Targets and Even Hijack Email and Web Accounts. Israelis Can Be Found Among the Victims - and the Attackers
“Russia used sophisticated malware to steal sensitive information from our allies, laundering it through a network of infected computers in the United States in a cynical attempt to conceal their crimes. Meeting the challenge of cyberespionage requires creativity and a willingness to use all lawful means to protect our nation and our allies,” stated United States Attorney Peace. “The court-authorized remote search and remediation announced today demonstrates my Office and our partners’ commitment to using all of the tools at our disposal to protect the American people.”
Which extended attributes are attached to downloaded archives and apps? How do they fit in with provenance tracking?
Summary Snake, also known as Turla, Uroburos and Agent.BTZ, is a relatively complex malware framework used for targeted attacks. Over the past year Fox-IT has been involved in multiple incident response cases where the Snake framework was used to steal sensitive information. Targets include government institutions, military and large corporates. Researchers who have previously analyzed…
The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P) network of numerous Snake-infected computers worldwide. Many systems in this P2P network serve as relay nodes which route disguised operational traffic to and from Snake implants on the FSB’s ultimate targets. Snake’s custom communications protocols employ encryption and fragmentation for confidentiality and are designed to hamper detection and collection efforts.
Binarly is the world's most advanced automated firmware supply chain security platform. Using cutting-edge machine-learning techniques, Binary identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.
This month we got patches for 49 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.
One of the exploited vulnerabilities is a Win32k Elevation of Privilege Vulnerability (CVE-2023-29336). This vulnerability has low attack complexity, low privilege, and none user interaction. The attack vector is local, the CVSS is 7.8, and the severity is Important.
Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.
Apple Inc. failed to fully revive a long-running copyright lawsuit against cybersecurity firm Corellium Inc. over its software that simulates the iPhone’s iOS operating systems, letting security researchers identify flaws in the software.
An issue has been discovered in the Linux kernel that can be abused by
unprivileged local users to escalate privileges.
The issue is about Netfilter nf_tables accepting some invalid updates
to its configuration.
PlugwalkJoe, aka Joseph James O’Connor, a UK citizen connected to the 2020 Twitter hack affecting many high-profile accounts, including Elon Musk, Joe Biden, Barack Obama, and Apple, has pled guilty to cyberstalking and other crimes. On Tuesday, the Department of Justice (DOJ) announced that O’Connor has been extradited to the US.
For a decade, a group called Big Pipes has worked behind the scenes with the FBI to target the worst cybercriminal “booter” services plaguing the internet.
WHEN THE FBI announced the takedown of 13 cyberattack-for-hire services yesterday, it may have seemed like just another day in law enforcement’s cat-and-mouse game with a criminal industry that has long plagued the internet’s infrastructure, bombarding victims with relentless waves of junk internet traffic to knock them offline. In fact, it was the latest win for a discreet group of detectives that has quietly worked behind the scenes for nearly a decade with the goal of ending that plague for good.
The long read: Bulgaria in the 1980s became known as the ‘virus factory’, where hundreds of malicious computer programs were unleashed to wreak havoc. But who was writing them, and why?
Videostream is a user-friendly wireless application designed to stream videos, music, and images to Google Chromecast devices. Boasting simplicity and reliability, this app enables you to wirelessly play any local video file with a single click. Videostream even transcodes audio and video from incompatible files into Chromecast-supported formats.
With over 5 million installations, Videostream has made its mark in the streaming industry. This figure was obtained from their official website (https://getvideostream.com), while the Chrome app store lists 900,000+ users.
Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Advanced Custom Fields PRO Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 6.1.6.
There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit.
In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially take control of a compromised device by seizing full privileges and executing arbitrary code.
The flaw, tracked as CVE-2023-20126, is rated as "critical," with a base score o
One evening in late December last year, I received a cryptic phone call from a PR director at TikTok, the popular social media app. I’d written extensively about the company for the Financial Times, so we’d spoken before. But it was puzzling to hear from her just before the holidays, especially since I wasn’t working on anything related to the company at the time.
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms.
A recent breach in MSI's servers exposed Intel's BootGuard keys and has now put the security of various devices at risk.
Major MSI Breach Affects The Security of Various Intel Devices
Last month, a hacker group by the name of Money Message revealed that they had breached MSI's servers and stolen 1.5 TBs of data from the company's servers including source code amongst a list of various files that are important to the integrity of the company. The group asked MSI to pay $4.0 million in ransom to avert them from releasing the files to the public but MSI refused the payment.
