Tag: Risk Management

LogoFAIL bugs in UEFI code allow planting bootkits via images
News

A group of security flaws known as LogoFAIL impact image-parsing parts of the UEFI code from different vendors. Researchers alert the public to the possibility that they could be used to distribute bootkits and control the booting process's execution flow. The problems affect both x86 and ARM architectures because they are in the image parsing libraries that vendors use to display logos during booting. Researchers at the firmware supply chain security platform Binarly claim that the branding has added needless security risks, allowing malicious payloads to be executed by injecting image files ...
WhatsApp’s new Secret Code feature hides your locked chats
News

WhatsApp has introduced a new Secret Code feature, which allows users to conceal locked chats by entering a custom password. When it arrives at your device, you can set a code (which can also include emojis) that is distinct from the device unlock code to secure locked chats. With this new feature, you can hide the Locked Chats folder from the chat list and then easily access it by entering the secret code in the search bar. You can also choose to keep the folder in the chat list. Locking chats has been streamlined as well, with a long-press action replacing the need to navigate through chat settings ...
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
News

Recently discovered security holes in the cloud analytics and business intelligence platform Qlik Sense are being used by a CACTUS ransomware campaign to gain access to targeted environments. Researchers Stefan Hostetler, Markus Neis, and Kyle Pagelow of Arctic Wolf said that "this campaign marks the first documented instance […] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access." The cybersecurity firm, which stated that it is responding to "several instances" of software exploitation, pointed out that the attacks most likely exploit three vulnerabilities that have come ...
North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks
News

Since at least 2017, threat actors from the Democratic People's Republic of Korea (DPRK) have been increasingly focusing on the cryptocurrency industry as a significant means of generating revenue in order to evade sanctions placed on the nation. "The regime's ruling elite and its highly trained cadre of computer science professionals have privileged access to new technologies and information, despite the country's severe restrictions on movement both within and outside of it, and its general population's isolation from the outside world," cybersecurity firm Recorded Future said in a report shared with The Hacker News. For a select group of people with promise in computer science and mathematics, special access to resources, technologies, information, and occasionally international ...
Dollar Tree hit by third-party data breach impacting 2 million people
News

A third-party data breach that affected 1,977,486 individuals was linked to the discount store chain Dollar Tree following the hack of service provider Zeroed-In Technologies. Discount retailer Dollar Tree runs the Dollar Tree and Family Dollar brands in 23,000 locations across the US and Canada. A security incident occurred between August 7 and August 8, 2023, according to a data breach notification that Dollar Tree's service provider, Zeroed-In, shared with the Maine Attorney General. Threat actors were able to obtain data comprising Dollar Tree and Family Dollar employees' personal information during this cyberattack. Although the inquiry was able to establish that these systems had been accessed, it was unable to verify which precise ...
200+ Malicious Android Apps Targeting Iranian Banks
News

In order to stay under the radar, an Android malware campaign that targets Iranian banks has increased its functionality and added new evasion techniques. According to a recent Zimperium report, the threat actor was also seen executing phishing attacks against the targeted financial institutions. The report also found over 200 malicious apps connected to the malicious operation. The campaign was initially made public in late July 2023 after Sophos published information about a collection of 40 apps that harvest credentials from users of Bank Mellat, Bank Saderat, Resalat Bank, and the Central Bank of Iran. The main objective of the fraudulent applications is to deceive users into giving them excessive permissions ...
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
News

The Municipal Water Authority of Aliquippa in western Pennsylvania was the target of a cyberattack that involved the active exploitation of Unitronics programmable logic controllers (PLCs), according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The attack has been linked to the hacktivist group Cyber Av3ngers, which is supported by Iran. PLCs connected to [Water and Wastewater Systems] facilities are being targeted by cyber threat actors, the agency said, citing a Unitronics PLC at a U.S. water facility as one example. There is no known risk to the municipality's drinking water or water supply as a result of the affected municipality's water authority swiftly taking the system offline ...
Google Chrome emergency update fixes 6th zero-day exploited in 2023
News

In order to combat ongoing attacks, Google has released an emergency security update today that addresses the sixth Chrome zero-day vulnerability of the year. In a new security advisory released today, the company acknowledged the existence of an exploit for the security flaw (tracked as CVE-2023-6345). Google said, "We are aware that there is a live exploit for CVE-2023-6345." Patched versions of the software are now being distributed worldwide to Windows users (119.0.6045.199/.200) and Mac and Linux users (119.0.6045.199), addressing the vulnerability in the Stable Desktop channel. As of earlier today, when BleepingComputer checked for updates, the security update was instantly available, despite the advisory stating ...
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
News

A "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature has been identified by cybersecurity researchers. This flaw could be used by threat actors to facilitate privilege escalation and gain unauthorized access to Workspace APIs without the need for super admin privileges. In a technical report shared with The Hacker News, cybersecurity firm Hunters stated that "such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other unauthorized actions within Google Workspace APIs on all of the identities in the target domain." The design flaw, which is still active today, has been given the codename DeleFriend because it allows users to modify delegations that are already in place in Google Workspace ...
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
News

Threat actors are actively using the recently discovered critical security flaw affecting Apache ActiveMQ to spread a new Go-based botnet called GoTitan and a .NET application called PrCtrl Rat, which has the ability to remotely commandeer the compromised hosts. The attacks take advantage of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0) that has recently been turned into a weapon by a number of hacker groups, including the Lazarus Group. Threat actors have been seen to drop next-stage payloads from a remote server after a successful breach. One of these payloads is GoTitan, a botnet that is intended ...