Software giant Microsoft on Wednesday sounded an alarm after catching a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations. According to a research report from Redmond's Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR).
Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution (RCE) vulnerability tracked as CVE-2023-3519. The vulnerability was previously exploited as a zero-day to breach the network of a U.S. critical infrastructure organization. Security researchers from the Shadowserver Foundation have disclosed that attackers had deployed web shells on at least 640 Citrix servers in these attacks.
In a futile attempt to evade detection, the Russian espionage group "BlueCharlie" has swapped out all of its old infrastructure for a network of 94 new domains. BlueCharlie - aka "Calisto," "COLDRIVER," "SEABORGIUM," and "StarBlizzard" - is a threat actor linked to groups that have been active since at least 2017. In the past, it has targeted organizations across the government, defense, education, and political sectors, as well as NGOs, think tanks, and journalists.
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric, a security firm based in Amsterdam.
If you ask Alexa, Amazon's voice assistant AI system, whether Amazon is a monopoly, it responds by saying it doesn't know. It doesn't take much to make it lambaste the other tech giants, but it's silent about its own corporate parent's misdeeds. When Alexa responds in this way, it's obvious that it is putting its developer's interests ahead of yours. Usually, though, it's not so obvious whom an AI system is serving.
Minecraft players interested in modding are potentially at risk of compromise. A Remote Code Execution (RCE) vulnerability in certain Minecraft mods allows for malicious commands on both servers and clients. The vulnerability, named BleedingPipe, allows attackers to take over a targeted server. Minecraft modding is immensely popular, with a potentially huge number of servers in the wild doing their own thing. There's a custom game type or world state for everybody.
Tesla cars are susceptible to a nearly irreversible jailbreak of their onboard infotainment systems that would allow owners to unlock a bevy of paid in-car features for free. The stolen perks can run the gamut from better bandwidth to faster acceleration and heated seats, according to a team of academic researchers. The researchers also found that it's possible to escape the infotainment system and pivot to the internal Tesla network for authenticating cars.
Threat actors have exploited a Salesforce zero-day vulnerability and abused Meta features in a sophisticated phishing campaign, according to web browsing security company Guardio. Attackers sent out legitimate-looking emails designed to lure targeted users to a phishing page where they were instructed to hand over their Facebook account information, including their name, account name, email address, phone number, and password.