Items tagged with security
A new report by cybersecurity firm Mandiant details an ongoing hacking campaign targeting Microsoft 365. The threat actor behind this campaign is an advanced persistent threat (APT) known as “Cozy Bear” or simply “APT29.” APT29 is thought to be a Russian hacking group sponsored by the Russian Foreign Intelligence...
Read more...
Plex, a company that provides media streaming solutions, sent out emails early this morning informing users of a data breach. According to the notice, Plex launched an investigation yesterday after discovering suspicious activity on one of its databases. The investigation revealed that a third-party actor managed to...
Read more...
Successful hacking involves more than just gaining unauthorized access to a system. Once inside, malicious actors like to cover their tracks not only to prevent getting caught, but also to maximize how much data they can extract. To this end, the Iranian-backed hacker group known as Charming Kitten has been discovered...
Read more...
Over the weekend, a ransomware attack hit a French hospital, forcing the facility to turn away patients. The staff of the affected hospital, the Centre Hospitalier Sud Francilien (CHSF), has had to return to using pen and paper to keep track of patients, as the main computer systems have been rendered inaccessible...
Read more...
It appears as though the Meta-owned image-sharing social media app Instagram is testing a new feature internally. That feature is known as Candid Challenges. The feature is intended to notify people that they have two minutes to take out their phone, open Instagram, and take a photo of their surroundings and a selfie...
Read more...
Security researcher Michael Horowitz, not to be confused with the current United States Inspector General, has been updating a blog post titled "VPNs on iOS are a scam" ever since May 2022. The rather lengthy post goes into detail about data leaks that occur outside of a VPN tunnel on iOS. The issue was first reported...
Read more...
We wrote last week about research showing that Meta takes advantage of the in-app browser feature on mobile devices to inject JavaScript into web pages viewed in the Facebook, Instagram, and Messenger mobile apps. Now that same researcher has found that the TikTok in-app browser injects JavaScript which functions...
Read more...
Threat intelligence firm Recorded Future has published a report concerning a long-term credential theft campaign targeting humanitarian, think tank, and government organizations. A hacking group known as RedAlpha is carrying out this ongoing campaign, and is known to have been active as far back as 2015. However, it...
Read more...
An Android banking Trojan with an already extensive toolkit recently gained a ransomware module. While banking malware is an all too prevalent a threat for mobile devices, ransomware isn’t a technique commonly deployed against mobile devices, making this particular piece of malware notable. Banking Trojans come in the...
Read more...
When you update your virtual meeting software, you usually don't expect some random software to install all on its own or run commands of its own volition. If you use Zoom on a Mac though, that is exactly what is possible. This is thanks to an exploit in the Zoom updater that was outlined by Objective-See security...
Read more...
Facebook’s collection and sale of user data for advertising purposes took a huge hit when Apple introduced its App Tracking Transparency (ATT) feature, with Facebook projecting that it will lose out on $10 billion in revenue this year. However, it appears that Meta, Facebook’s parent company, may still have some...
Read more...
It has been a long time coming, but the tech giant Meta has finally realized that its users might just want a little bit of privacy. As of August 11th, it has started testing end-to-end encryption for the Messenger portion of its popular social media platform, Facebook.
In a Messenger News blog post, Facebook has...
Read more...
Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login...
Read more...
Researchers have detailed the SQUIP attack, which is particularly worrisome for users of AMD Zen 1, Zen 2 and Zen 3 processors. Researchers were able measure the precise degree of Scheduler Queue Usage (i.e., occupancy) via Interference Probing, giving the attack its name. Using this technique, it was possible in...
Read more...
Microsoft has finally released a security update that addresses a zero-day vulnerability that went unpatched for more than two years. The vulnerability, known as DogWalk, appears in the national vulnerability index as CVE-2022-34713. Microsoft has assigned the vulnerability a high severity rating of 7.8. The company’s...
Read more...
If we’ve learned anything from reporting on phishing attacks, it’s that no company, organization, or institution is immune from becoming the victim of one. Even the US Department of Defense recently fell victim to a $23.5 million phishing scam. If anything, larger organizations simply make for larger and more...
Read more...
We put a lot of faith in the prospect that our information is secure. Unfortunately, this is often just not the case. It is not hard for hackers and security ne'er-do-wells to get access to peoples' accounts when they use weak passwords incorporating little more than birthdates and pet names. This is especially true...
Read more...
The US Government’s Cybersecurity and Infrastructure Security Agency (CISA) maintains a list of exploited vulnerabilities and releases notices urging organizations, particularly government agencies and contractors, to patch said vulnerabilities. However, CISA isn’t the only one looking out for US infrastructure. Ken...
Read more...
Malware campaigns employ different techniques to smuggle malicious software onto computing devices without the notice of users or anti-virus systems. Threat actors who develop and distribute malware frequently rely on various forms of mimicry to take advantage of users’ trust in legitimate websites, services, and...
Read more...
In May of last year, Colonial Pipeline was struck by a ransomware attack, prompting the Colonial Pipeline Company to take certain systems offline in an attempt to contain the attack. As a result, all pipeline operations were temporarily halted, shutting off the flow of fuel to the eastern seaboard. Shortly thereafter...
Read more...
Google is engaged in a never ending game of cat and mouse with threat actors on its Play Store who employ different techniques to sneak malware-ridden apps onto the app store. We fairly regularly write about newly discovered batches of malicious apps that went unrecognized as such long enough to infect hundreds of...
Read more...
Macros can be highly useful tools in Microsoft Office. Most Microsoft Office macros use Visual Basic for Applications (VBA) or Excel 4.0 macros (XLM). These programming and macro languages have a surprising amount of access to system resources on Windows machines, especially considering they only run from within...
Read more...
