Cisco informed customers on Thursday that it's working on patches for a high-severity vulnerability affecting some of its IP phones. The flaw, tracked as CVE-2022-20968, impacts 7800 series and 8800 series (except 8821) Cisco IP phones. There are no workarounds, but Cisco did provide a mitigation that can be used until patches are released by the company. CVE-2022-20968 has been described by the networking giant as a stack buffer overflow related to the Discovery Protocol processing feature.
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. The Silence group is known for its big heists against financial institutions, and has begun to shift from phishing as an initial compromise vector. The threat actor is also using a new custom data exfiltration tool called Teleport.
A subgroup of the state-backed Iranian threat actor Cobalt Mirage is using a new custom malware dubbed "Drokbk" to attack a variety of US organizations, using GitHub as a "dead-drop resolver." According to MITRE, the use of dead-drop resolvers refers to adversaries posting content on legitimate Web services with embedded malicious domains or IP addresses, in an effort to hide their nefarious intent.
More than 50,000 Android devices were compromised with an Android banking trojan called Xenomorph earlier this year. First reported by ThreatFabric, Xenomorph posed as a system-optimizing app called "Fast Cleaner". Disguising malicious software as device optimizers, battery- or performance-enhancing and other utility tools is a rather common tactic for dangerous Android malware.
The "Microsoft Digital Defense Report" is a compilation of insights from 43 trillion daily security signals that provides organizations with a high-level picture of the threat landscape and current state of cybersecurity. This annual report aggregates security data from organizations and consumers across the cloud, endpoints, and the intelligent edge to help better predict what attackers will do next.
There have been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. Whether we're talking social media, email, or even malware, there's been a mind-bending tale of tall behaviour in almost every corner. It's time to forget about nation state attacks and the nagging sensation that every single piece of data ever created has ended up on a TOR site somewhere.
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems, which are isolated from the internet, over a distance of at least two meters (6.5 ft), where it's captured by a receiver. The information emanating from the isolated device could be picked up by a nearby smartphone or laptop. The COVID-bit attack was developed by Ben-Gurion University researcher Mordechai Guri, who has designed multiple methods to steal sensitive data from air-gapped systems stealthily.