Hackers likely affiliated with the Chinese government have been going after North India's power supply, according to a report by Recorded Future. Researchers observed "likely" network intrusions of at least seven state centers that carry out real-time grid control and electricity dispatch, according to the Wednesday evening report. The activity has been concentrated in North India, where China has clashed with India over disputed territory on the Himalayan border.
Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full-blown data breach. But few organizations have a playbook for responding to the kinds of virtual "smash and grab" attacks we've seen recently from LAPSUS$, a juvenile data extortion group whose tactics have put some of the world's biggest corporations on edge.
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million installs of the apps. The apps collected this data through a third-party SDK that includes the ability to capture clipboard content, GPS data, email addresses, phone numbers, and even the user's modem router MAC address and network SSID.
A data theft tool used by the ransomware group tracked as BlackCat, ALPHV and Noberus suggests that the cybercriminals are increasingly interested in targeting industrial organizations. The BlackCat ransomware group, which operates under a ransomware-as-a-service (RaaS) model, emerged in November 2021 and it has since targeted organizations worldwide, including many in the United States.
VMware has warned customers to immediately patch critical vulnerabilities in multiple products that threat actors could use to launch remote code execution attacks. "This critical vulnerability should be patched or mitigated immediately per the instructions in VMSA-2021-0011. The ramifications of this vulnerability are serious," VMware warned on Wednesday.
Between 35% and 40% of all supported Macs might be at heightened risk of compromise from two zero-day vulnerabilities that Apple has said are being exploited in the wild, but for which the company has not yet issued a patch. Apple disclosed the two vulnerabilities - CVE-2022-22675 and CVE-2022-22674 - last week and described them as impacting devices running its macOS, iOS, and iPadOS operating systems.
A server-side request forgery (SSRF) flaw in an API of a large financial technology (fintech) platform potentially could have compromised millions of bank customers, allowing attackers to defraud clients by controlling their bank accounts and funds, researchers have found. A team at Salt Security's Salt Labs identified the vulnerability which allows clients to transfer money from their accounts on its platform into their bank accounts, researchers disclosed in a report published Thursday.