Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service delivered updates over plain HTTP, which neither encrypts nor authenticates what it carries, so anyone on the network path can alter the data in transit. The unknown hackers, who may have ties to the North Korean government, pulled off this feat by performing a man-in-the-middle (MitM) attack that replaced the genuine update with a file that installed an advanced backdoor instead. READ MORE...
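The mechanism above, as an added example that is not the antivirus vendor's code or anything from the original article: an updater that installs whatever arrives over the wire versus one that verifies a detached Ed25519 signature against a public key pinned at build time. The vendor key pair, the on-path attacker model and the payload strings are all constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Update is what an updater receives from the download channel: the payload
// plus a detached signature over the payload's SHA-256 digest.
type Update struct {
	Payload   []byte
	Signature []byte
}

// Vendor holds the Ed25519 signing key. In practice it lives on the build
// system, never on the download server, so an attacker on the wire (or on a
// compromised mirror) has nothing to sign with.
type Vendor struct {
	priv ed25519.PrivateKey
}

// NewVendor generates a fresh key pair (assumed, for the example) and returns
// the public half, which the client embeds at build time.
func NewVendor() (*Vendor, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Vendor{priv: priv}, pub, nil
}

// Publish signs the digest of an update payload.
func (v *Vendor) Publish(payload []byte) Update {
	digest := sha256.Sum256(payload)
	return Update{Payload: payload, Signature: ed25519.Sign(v.priv, digest[:])}
}

// Client verifies against a pinned public key. Nothing here depends on whether
// the bytes arrived over HTTP, HTTPS or a USB stick.
type Client struct {
	pub ed25519.PublicKey
}

func NewClient(pub ed25519.PublicKey) Client { return Client{pub: pub} }

var ErrBadSignature = errors.New("update signature does not verify; refusing to install")

// Verify returns nil only when the payload is exactly what the vendor signed.
// A missing, truncated or forged signature all fail the same way.
func (c Client) Verify(u Update) error {
	digest := sha256.Sum256(u.Payload)
	if !ed25519.Verify(c.pub, digest[:], u.Signature) {
		return ErrBadSignature
	}
	return nil
}

// InstallNaive models the updater the article describes: whatever came back
// over plain HTTP is installed. It returns the bytes that would be executed.
func InstallNaive(u Update) []byte {
	return u.Payload
}

// InstallVerified refuses anything that fails signature verification.
func InstallVerified(c Client, u Update) ([]byte, error) {
	if err := c.Verify(u); err != nil {
		return nil, err
	}
	return u.Payload, nil
}

// MITM models an on-path attacker on the plaintext hop: the body is swapped
// for the attacker's file while the original signature rides along unchanged.
func MITM(u Update, malicious []byte) Update {
	return Update{Payload: malicious, Signature: u.Signature}
}

func main() {
	vendor, pub, err := NewVendor()
	if err != nil {
		panic(err)
	}
	client := NewClient(pub)

	// Constructed sample payloads; real updates would be signed binaries.
	genuine := vendor.Publish([]byte("av-definitions-2024-04: genuine update"))
	tampered := MITM(genuine, []byte("backdoor loader"))

	fmt.Printf("naive updater installs: %q\n", InstallNaive(tampered))
	if _, err := InstallVerified(client, tampered); err != nil {
		fmt.Println("verified updater:", err)
	}
	if payload, err := InstallVerified(client, genuine); err == nil {
		fmt.Printf("verified updater installs: %q\n", payload)
	}
}
```

Moving the download to HTTPS closes the on-path substitution shown here, but it still trusts whatever the vendor's server or CDN hands out; the pinned signature check rejects a swapped file no matter where in the delivery chain it was swapped, which is why update signing and transport encryption are complementary rather than interchangeable.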
Microsoft has rolled back a fix for a known Outlook issue that was causing incorrect security alerts when opening ICS calendar files after installing the December Outlook Desktop security updates. Affected Microsoft 365 users are seeing unexpected warnings that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe" when double-clicking ICS files saved on their devices. READ MORE...
The UK's Leicester City Council was thrown into chaos last month when a crippling cyber attack forced it to shut down its IT systems and phone lines. The INC Ransom group perpetrated the ransomware attack, which reportedly impacted care home workers and the homeless but also saw at least 1.3 terabytes of stolen data published on the dark web. But the ransomware attack on Leicester City Council's infrastructure doesn't stop there. READ MORE...
Russia-linked cyberespionage group APT28 has been observed exploiting Windows Print Spooler vulnerabilities to deploy a custom post-exploitation tool against numerous organizations in the US, Ukraine, and Western Europe, Microsoft reports. Dubbed GooseEgg, the unique tool is a simple launcher application that can spawn other programs with elevated privileges, providing the attackers with capabilities such as remote code execution, backdoor deployment, and lateral movement. READ MORE...
The modern "smart" TV asks a lot of us. In exchange for connecting you to a few streaming services you use, a TV will collect data, show ads, and serve as another vector for bad actors. In a few reported cases, though, a modern connected TV has been blamed for attacks not on privacy, eyeballs, or passwords but on an entirely different computer. The TV in question is a Hisense TV, and the computer is a Windows PC, specifically one belonging to a musician and audio designer in Montréal, Quebec. READ MORE...
Siemens is urging organizations using its Ruggedcom APE1808 devices configured with Palo Alto Networks (PAN) Virtual NGFW to implement workarounds for a maximum severity zero-day bug that PAN recently disclosed in its next-gen firewall product. The command injection vulnerability, identified as CVE-2024-3400, affects multiple versions of PAN-OS firewalls when certain features are enabled on them. An attacker has been exploiting the flaw to deploy a novel Python backdoor on affected firewalls. READ MORE...
Cybersecurity firm Hive Systems has released the results of its latest annual analysis on cracking passwords through brute-force attacks. Hive has been conducting this study for several years and until now it has targeted passwords hashed with the widely used MD5 algorithm. However, MD5 is a fast general-purpose hash with no built-in work factor, so MD5 password hashes can in many cases be cracked quickly, and organizations have increasingly turned to deliberately slow, purpose-built password hashes, particularly bcrypt. READ MORE...