LogoFAIL bugs in UEFI code allow planting bootkits via images
1Dec By RBNo Comments
News

LogoFAIL bugs in UEFI code allow planting bootkits via images

A group of security flaws known as LogoFAIL impact image-parsing parts of the UEFI code from different vendors. Researchers alert the public to the possibility that they could be used to distribute bootkits and control the booting process's execution flow. The problems affect both x86 and ARM architectures because they are in the image parsing libraries that vendors use to display logos during booting. Researchers at the firmware supply chain security platform Binarly claim that the branding has added needless security risks, allowing malicious payloads to be executed by injecting image files read more LogoFAIL bugs in UEFI code allow planting bootkits via images. Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverag...
Read More
WhatsApp’s new Secret Code feature hides your locked chats
1Dec By RBNo Comments
News

WhatsApp’s new Secret Code feature hides your locked chats

WhatsApp has introduced a new Secret Code feature, which allows users to conceal locked chats by entering a custom password. When it arrives at your device, you can set a code (which can also include emojis) that is distinct from the device unlock code to secure locked chats. With this new feature, you can hide the Locked Chats folder from the chat list and then easily access it by entering the secret code in the search bar. You can also choose to keep the folder in the chat list. Locking chats has been streamlined as well, with a long-press action replacing the need to navigate through chat settings read more WhatsApp's new Secret Code feature hides your locked chats. Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough co...
Read More
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
1Dec By RBNo Comments
News

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

Recently discovered security holes in the cloud analytics and business intelligence platform Qlik Sense are being used by a CACTUS ransomware campaign to gain access to targeted environments. Researchers Stefan Hostetler, Markus Neis, and Kyle Pagelow of Arctic Wolf said that "this campaign marks the first documented instance […] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access." The cybersecurity firm, which stated that it is responding to "several instances" of software exploitation, pointed out that the attacks most likely exploit three vulnerabilities that have come read more CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks. Get up to date on the latest cybersecurity news and enhance your ...
Read More
North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks
1Dec By RBNo Comments
News

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Since at least 2017, threat actors from the Democratic People's Republic of Korea (DPRK) have been increasingly focusing on the cryptocurrency industry as a significant means of generating revenue in order to evade sanctions placed on the nation. "The regime's ruling elite and its highly trained cadre of computer science professionals have privileged access to new technologies and information, despite the country's severe restrictions on movement both within and outside of it, and its general population's isolation from the outside world," cybersecurity firm Recorded Future said in a report shared with The Hacker News. For a select group of people with promise in computer science and mathematics, special access to resources, technologies, information, and occasionally international ...
Read More
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers
30Nov By RBNo Comments
News

US seizes Sinbad crypto mixer used by North Korean Lazarus hackers

The cryptocurrency mixing service Sinbad has been sanctioned by the U.S. Department of Treasury due to its use by the North Korean hacking group Lazarus as a means of money laundering. A cryptocurrency mixer is a server that lets users deposit cryptocurrency. To help prevent precise tracking, the cryptocurrency is mixed and sent to numerous wallet addresses. After the cryptocurrency is "mixed," the mixing service transfers it to a different wallet address that belongs to the customer, taking a commission from the deposited amount. Today, Sinbad.io (Sinbad) was sanctioned by the Treasury's Office of Foreign Assets Control (OFAC) due to allegations that North Korean hackers read more US seizes Sinbad crypto mixer used by North Korean Lazarus hackers. Get up to date on the lates...
Read More
Dollar Tree hit by third-party data breach impacting 2 million people
30Nov By RBNo Comments
News

Dollar Tree hit by third-party data breach impacting 2 million people

A third-party data breach that affected 1,977,486 individuals was linked to the discount store chain Dollar Tree following the hack of service provider Zeroed-In Technologies. Discount retailer Dollar Tree runs the Dollar Tree and Family Dollar brands in 23,000 locations across the US and Canada. A security incident occurred between August 7 and August 8, 2023, according to a data breach notification that Dollar Tree's service provider, Zeroed-In, shared with the Maine Attorney General. Threat actors were able to obtain data comprising Dollar Tree and Family Dollar employees' personal information during this cyberattack. Although the inquiry was able to establish that these systems had been accessed, it was unable to verify which precise read more Dollar Tree hit by third-party data...
Read More
200+ Malicious Android Apps Targeting Iranian Banks
30Nov By RBNo Comments
News

200+ Malicious Android Apps Targeting Iranian Banks

In order to stay under the radar, an Android malware campaign that targets Iranian banks has increased its functionality and added new evasion techniques. According to a recent Zimperium report, the threat actor was also seen executing phishing attacks against the targeted financial institutions. The report also found over 200 malicious apps connected to the malicious operation. The campaign was initially made public in late July 2023 after Sophos published information about a collection of 40 apps that harvest credentials from users of Bank Mellat, Bank Saderat, Resalat Bank, and the Central Bank of Iran. The main objective of the fraudulent applications is to deceive users into giving them excessive permissions read more 200+ Malicious Android Apps Targeting Iranian Banks. G...
Read More
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
30Nov By RBNo Comments
News

Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.

The Municipal Water Authority of Aliquippa in western Pennsylvania was the target of a cyberattack that involved the active exploitation of Unitronics programmable logic controllers (PLCs), according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The attack has been linked to the hacktivist group Cyber Av3ngers, which is supported by Iran. PLCs connected to [Water and Wastewater Systems] facilities are being targeted by cyber threat actors, the agency said, citing a Unitronics PLC at a U.S. water facility as one example. There is no known risk to the municipality's drinking water or water supply as a result of the affected municipality's water authority swiftly taking the system offline read more Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S....
Read More
New BLUFFS attack lets attackers hijack Bluetooth connections
29Nov By RBNo Comments
News

New BLUFFS attack lets attackers hijack Bluetooth connections

Researchers at Eurecom have created six brand-new attacks, collectively referred to as "BLUFFS," that have the ability to breach Bluetooth session confidentiality and enable man-in-the-middle (MitM) and device impersonation. The attacks' discoverer, Daniele Antonioli, explains that BLUFFS uses two previously undiscovered weaknesses in the Bluetooth standard concerning the generation of session keys to decrypt exchange data. These vulnerabilities are architectural in nature, affecting Bluetooth at a fundamental level rather than being limited to particular hardware or software configurations. Under the tracking ID CVE-2023-24023, the problems affect Bluetooth Core Specifications read more New BLUFFS attack lets attackers hijack Bluetooth connections. Get up to date on the latest ...
Read More
Google Chrome emergency update fixes 6th zero-day exploited in 2023
29Nov By RBNo Comments
News

Google Chrome emergency update fixes 6th zero-day exploited in 2023

In order to combat ongoing attacks, Google has released an emergency security update today that addresses the sixth Chrome zero-day vulnerability of the year. In a new security advisory released today, the company acknowledged the existence of an exploit for the security flaw (tracked as CVE-2023-6345).Google said, "We are aware that there is a live exploit for CVE-2023-6345. Patched versions of the software are now being distributed worldwide to Windows users (119.0.6045.199/.200) and Mac and Linux users (119.0.6045.199), addressing the vulnerability in the Stable Desktop channel. As of earlier today, when BleepingComputer checked for updates, the security update was instantly available, despite the advisory stating read more Google Chrome emergency update fixes 6th zero-day ex...
Read More
Follow Us on Twitter
Follow Us on LinkedIn
Follow Us on YouTube
Follow Us on Facebook