Researchers have revealed a never-before-seen piece of cross-platform malware that has infected a wide range of Linux and Windows devices, including small office routers, FreeBSD boxes, and large enterprise servers. Black Lotus Labs, the research arm of security firm Lumen, is calling the malware Chaos, a word that repeatedly appears in function names, certificates, and file names it uses. READ MORE...
American business magazine Fast Company has confirmed that its Apple News account was hijacked after hackers compromised its content management system (CMS). The monthly magazine focuses on business, technology, and design. In addition to its online version, the magazine publishes six print issues each year. On Tuesday evening, Apple News took it to Twitter to announce that Fast Company's account was suspended after hackers had used it to post two offensive messages. READ MORE...
Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The highly targeted attacks begin with a phishing email sent to employees, leading to a multi-stage infection involving many persistence and detection avoidance systems. READ MORE...
U.S. businesses were targeted by nearly half of all publicly acknowledged ransomware attacks globally between January 2020 and July 2022, according to data collected by NordLocker and published Tuesday in a report. Of the 5,200 cases recorded on ransomware groups' sites, U.S. organizations accounted for almost 2,400 incidents. Businesses in California, Texas, Florida and New York suffered the greatest number of ransomware attacks. READ MORE...
Developers of the open source Matrix messenger protocol released an update on Wednesday to fix critical end-to-end encryption vulnerabilities that subvert the confidentiality and authentication guarantees that have been key to the platform's meteoric rise. Matrix is a sprawling ecosystem of open source and proprietary chat and collaboration clients and servers that are fully interoperable. The best-known app in this family is Element, a chat client for Windows, macOS, iOS, and Android. READ MORE...
A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. This Go-based malware can also infect various architectures, including x86, x86-64, AMD64, MIPS, MIPS64, ARMv5-ARMv8, AArch64, and PowerPC, used by a wide range of devices from small office/home office routers and enterprise servers. READ MORE...
Zoom video call software continues to be a staple in work environments. Despite a slow, post-lockdown easing back to the "old normal," many businesses still have remote workers, or people working in different geographies. It's no surprise then to see criminals continuing to abuse Zoom's popularity, in the hope of netting interested parties and, potentially, luring current users into downloading and installing malware. READ MORE...
Threats against cloud-native infrastructure are on the rise, particularly as attackers target cloud and container resources to power their illicit cryptomining operations. In the latest twist, cybercriminals are wreaking havoc on cloud resources to both propagate and run cryptojacking enterprises in costly schemes that cost victims some $50 in cloud resources for every $1 worth of cryptocurrency that the crooks mine off of these compute reserves. READ MORE...
Cisco this week has confirmed that tens of its enterprise routers and switches are impacted by bypass vulnerabilities in the Layer-2 (L2) network security controls. An attacker can bypass the controls provided by these enterprise devices by sending crafted packets that would trigger a denial-of-service (DoS) or allow them to perform a man-in-the-middle (MitM) attack. READ MORE...