Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do. On Sept. 7, researchers at Citizen Lab warned they were seeing active exploitation of a "zero-click," zero-day flaw to install spyware on iOS devices without any interaction from the victim. READ MORE...
Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations. The incident occurred on September 12, and preliminary results of the investigation show that the unauthorized transactions involved Ethereum ($ETH), Tron ($TRX), and Polygon ($MATIC) cryptocurrency. READ MORE...
Espionage-ware thought to have been developed by China has once again been spotted within the power grid of a neighboring nation. According to Symantec's Threat Hunter Team on Tuesday, a team dubbed Redfly infiltrated the national grid of an unnamed Asian nation using the ShadowPad Trojan, stole credentials, installed additional malware, and moved laterally to multiple systems on the infected network during six months of persistent access. READ MORE...
Valid, compromised account credentials were the initial access vector for more than 1 in 3 cloud intrusions observed by IBM Security X-Force during the last year, making it the most common point of entry across all cloud security incidents. Credentials used as an initial access vector for cloud intrusions jumped from 9% in 2022 to 36% this year, IBM Security X-Force said Wednesday in its cloud threat landscape report. READ MORE...
The dark web marketplaces dedicated to the trade of credentials and vulnerabilities boast some big names in enterprise compromises, Flashpoint research released Tuesday shows. Three reported purchases of vulnerability exploits on the dark web during the first half of the year included high-profile, actively exploited CVEs, according to the threat intelligence firm. READ MORE...
Today, while I was browsing through my Facebook feed, I came across an ad by "Google Bard AI", suggesting that I download and try out the latest version of Google's legitimate AI tool "Bard". My first "huh?" moment was that the shortened URL didn't include any Google reference but rather a link to rebrand.ly - a service with no obvious ties to Google and with offices in Dublin, Ireland. It seemed odd for an internet giant to be using the services of another provider, and my suspicion was triggered. READ MORE...
A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The site, freedownloadmanager[.]org, offered a benign version of Free Download Manager, a download utility with a Linux build. Starting in 2020, the same domain at times redirected users to the domain deb.fdmpkg[.]org, which served a malicious version of the app. READ MORE...
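The Free Download Manager case turned on a redirect: the legitimate domain sent some users to a different host that served a different package. One defensive check, shown here as an added example (not code from the report, from Ars Technica, or from the Free Download Manager project), is to pin a download to the hosts you expect and fail closed on any redirect that leaves them. The allowed host set and the sample URLs are assumptions for the example; the two domains come from the report, where they are written defanged with [.] and are only refanged as strings here.

```python
"""Pin an HTTP download to expected hosts so that a 3xx redirect to another
domain raises an error instead of silently delivering a different file.

Added example, not part of the original report. The ALLOWED set and the
sample URLs below are assumptions; no network request is made when the
module is imported.
"""
import urllib.request
from urllib.error import HTTPError
from urllib.parse import urlsplit


def refang(text):
    """Turn the report's defanged 'example[.]org' spelling back into a host."""
    return text.replace("[.]", ".")


class HostPinningRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Follow redirects only while they stay on an allow-listed host."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.hops = []  # every host a redirect tried to send us to, for audit

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        host = (urlsplit(newurl).hostname or "").lower()
        self.hops.append(host)
        if host not in self.allowed_hosts:
            # Fail closed: the caller gets an HTTPError rather than a body
            # fetched from a host it never asked for.
            raise HTTPError(newurl, code,
                            f"redirect to untrusted host {host!r} refused",
                            headers, fp)
        # Same-site redirect: let the stock handler build the follow-up request.
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def make_pinned_opener(allowed_hosts):
    """Build an opener whose redirect handling is pinned to allowed_hosts.

    build_opener() drops the default HTTPRedirectHandler when it is handed
    an instance of a subclass, so this replaces it rather than adding a second.
    """
    handler = HostPinningRedirectHandler(allowed_hosts)
    return urllib.request.build_opener(handler), handler


def redirect_allowed(allowed_hosts, from_url, to_url, code=302):
    """Offline check: would a redirect from_url -> to_url be followed?

    Exercises the handler directly with a constructed redirect instead of
    a live HTTP exchange.
    """
    handler = HostPinningRedirectHandler(allowed_hosts)
    req = urllib.request.Request(from_url)
    try:
        return handler.redirect_request(req, None, code, "Found", {}, to_url) is not None
    except HTTPError:
        return False


# Assumed site policy for the example: the vendor's own domain only.
ALLOWED = {"freedownloadmanager.org", "www.freedownloadmanager.org"}
# Constructed URLs; hosts taken from the report (defanged there).
START = refang("https://freedownloadmanager[.]org/download-fdm-for-linux.htm")
SAME_SITE = refang("https://www.freedownloadmanager[.]org/files/fdm.deb")
OFF_SITE = refang("https://deb.fdmpkg[.]org/freedownloadmanager.deb")


if __name__ == "__main__":
    print("same-site redirect followed:", redirect_allowed(ALLOWED, START, SAME_SITE))
    print("off-site redirect followed: ", redirect_allowed(ALLOWED, START, OFF_SITE))
    # Real use: opener, handler = make_pinned_opener(ALLOWED)
    #           data = opener.open(START).read(); inspect handler.hops afterwards.
```

This only closes the redirect hole; it does not replace verifying the package's signature or a published digest, which is what would have caught a swapped .deb served from the expected host.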
Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from Wi-Fi-connected mobile devices on public networks, without any hardware hacking. The technique is made possible thanks to beamforming feedback information (BFI), which consists of data about wireless signal characteristics that turns out to be useful for ensuring a strong network connection and for applications like Wi-Fi sensing. READ MORE...
Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate had typically been distributed via phishing emails: the malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But Malwarebytes has now also found DarkGate being delivered via malvertising and SEO poisoning campaigns. READ MORE...