Security

0 Comments
Threat actors associated with BazarLoader, TrickBot and IcedID malware are now increasingly deploying the loader known as Bumblebee to breach target networks and subsequently conduct post-exploitation activities. The news comes from the Cybereason Global Security Operations Center (GSOC) team, who published a new advisory about Bumblebee on Thursday. “[We] observed threat actors transitioning from BazarLoader, Trickbot,
0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new advisory warning of threat actors actively exploiting five different vulnerabilities in the Zimbra Collaboration Suite (ZCS). The document was compiled in collaboration with the Multi-State Information Sharing & Analysis Center (MS-ISAC) and explains how threat actors may be targeting unpatched ZCS instances in both
0 Comments
by Paul Ducklin At the well-known DEF CON security shindig in Las Vegas, Nevada, last week, Mac cybersecurity researcher Patrick Wardle revealed a “get-root” elevation of privilege (EoP) bug in Zoom for Mac: Mahalo to everybody who came to my @defcon talk “You’re M̶u̶t̶e̶d̶ Rooted” 🙏🏽 Was stoked to talk about (& live-demo 😅) a
0 Comments
A remote-code-execution (RCE) vulnerability affecting Zimbra Collaboration Suite (ZCS) email servers was exploited without valid administrative credentials, unlike previously believed. The finding come from security researchers at Volexity, who detailed them in an advisory published on Wednesday. While the RCE issue (tracked CVE-2022-27925) was patched by Zimbra in March 2022, in July and early August 2022 Volexity investigated
0 Comments
Cyber-criminals spreading malware families are shifting to shortcut (LNK) files to deliver malware, HP Wolf Security’s latest report suggests. According to the new research, shortcuts are gradually replacing Office macros (which are starting to be blocked by default by Microsoft) as a way for attackers to get a foothold within networks by tricking users into
0 Comments
A new analysis by Kaspersky unveiled a wave of targeted attacks on military-industrial complex enterprises and public institutions in Belarus, Russia, Ukraine and Afghanistan. The cybersecurity company made the announcement in an advisory published on Monday, which claims the attackers were able to penetrate several enterprises and hijack the IT infrastructure of some of them.
0 Comments
by Paul Ducklin Popular collaboration tool Slack (not to be confused with the nickname of the world’s longest-running Linux distro, Slackware) has just owned up to a cybersecurity SNAFU. According to a news bulletin entitled Notice about Slack password resets, the company admitted that it had inadvertently been oversharing personal data “when users created or
0 Comments
ReversingLabs researchers discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected by ReversingLabs on July 19 while undertaking successful campaigns targeting firms in the industrial and pharmaceutical space. “In those incidents, it often launched attacks on public holidays and during the early morning hours (Korean time) – looking to
0 Comments
Cybersecurity-focussed non-profit CREST has partnered up with the Open Web Application Security Project (OWASP) to release the OWASP Verification Standard (OVS). The move aims to provide mobile and web app developers with enhanced security assurance and accredited organizations with improved access to the app development industry. “Both CREST and OWASP are non-profit organizations and we
0 Comments
European missile maker MBDA has publicly denied some of the hacking allegations against the company made on a dark web forum in July and posted on Twitter by Today Cyber News on Tuesday. The self-proclaimed hacking group who first made the allegation went under the name “Andrastea,” and claimed to have obtained roughly 60 GB of
0 Comments
by Paul Ducklin Cryptocurrency protocol Nomad (not to be confused with Monad, which is what PowerShell was called when it first came out) describes itself as “an optimistic interoperability protocol that enables secure cross-chain communication,” and promises that it’s a “security-first cross-chain messaging protocol.” In plain English, it’s supposed to let you swap cryptocurrency tokens
0 Comments
Google published its monthly security bulletin for August on Monday, detailing the latest available patches for Android. A total of 37 vulnerabilities have been patched, including a critical security flaw in the System component that could lead to remote code execution via Bluetooth with no additional execution privileges needed. The Bluetooth vulnerability is tracked as
0 Comments
by Paul Ducklin The best-known cryptographic library in the open-source world is almost certainly OpenSSL. Firstly, it’s one of the most widely-used, to the point that most developers on most platforms have heard of it even if they haven’t used it directly. Secondly, it’s probably the most widely-publicised, sadly because of a rather nasty bug