News
News (2811)
Monday, 22 May 2023 12:44
ByteDance’s TikTok Video Editor/Maker CapCut Being Impersonated to Spread Malware
Written by Sean Kalinich
Video editing software CapCut users are being targeted by attackers to push different strains of malware. For those that are not aware of that CapCut is, it is a video editor and maker for TikTok and is the official one…
Read 523 times
Published in
News
Monday, 22 May 2023 11:33
Samsung Discloses Medium Vulnerability Exploited in the Wild First Identified in January 2023
Written by Sean Kalinich
First identified in January of 2023, Samsung has put a warning about a CVSS 4.4 vulnerability (CVE-2023-21492) that Is actively being exploited in the wild. The flaw, which impacts Samsung devices that are running Android 11, 12, and 13, was…
Read 195 times
Published in
News
Monday, 22 May 2023 10:22
PyPI Stops New Users and Uploads to Deal with Malicious User Increase
Written by Sean Kalinich
PyPI (the Python Package Index) has stopped allowing the creation of new accounts and the upload of new packages. This move has been put in place to deal with a massive increase in identified malicious users and packages. This decision…
Read 325 times
Published in
News
Friday, 19 May 2023 16:15
Millions of Android Devices Loaded with Malware Infected OEM Images.
Written by Sean Kalinich
TrendMicro made a shocking revelation at Black Hat Asia 2023 where they disclosed an operation that has been running since 2018 targeting Android devices. The scheme was uncovered in 2021 while researchers at TrendMicro were looking into SMS PVA (Phone…
Read 652 times
Published in
News
Friday, 19 May 2023 13:57
Apple Pushes Out Patches for Three Zero-Day Vulnerabilities Exploited in the Wild
Written by Sean Kalinich
Apple has rushed to release patches for CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 all of which are in the WebKit Browser engine and across all Apple platforms (IOS, IpadOS and macOS). These three flaws have also been seen to be actively exploited…
Read 788 times
Published in
News
Friday, 19 May 2023 13:12
Apple Launches ChatGPT app Wile Banning it from Use by Employees
Written by Sean Kalinich
After learning that there were malicious ads containing links to ChatGPT apps (for Windows), Apple launched a legitimate app for IOS. The app brings the very popular LLM to Apple users at a time when some are becoming more hesitant…
Read 688 times
Published in
News
Friday, 19 May 2023 11:51
Well Crap, New Flaw in KeePass Allows Attackers to Recover Master Password via Memory Dump
Written by Sean Kalinich
KeePass has a bit of a memory issue. It seems that the master password is passed in clear text through memory. This tiny little (sarcasm) bug was identified by a security researcher who goes by the name as vdohney. A…
Read 602 times
Published in
News
Friday, 19 May 2023 10:56
More Repo Issues as Malware Found in NPM Node.js Packages
Written by Sean Kalinich
Popular open-source repository NPM is back in the news as a pair of packages were found to have malware in them. The malware in question is TurkoRat. TurkoRat is an open-source information stealer that has a few features attached to…
Read 358 times
Published in
News
Thursday, 18 May 2023 15:08
Apple Rolling out a Feature that Lets Your iPhone Sound Just Like You, What Could Go Wrong
Written by Sean Kalinich
I’ll take stupid features for $500 Alex. It seems that Apple is looking to deploy a feature that would allow your phone to sound and reply just like you do. The feature called “Personal Voice” uses a form of AI…
Read 636 times
Published in
News
Thursday, 18 May 2023 13:16
Microsoft Stops Pushing Defender Update That Hid a Bug Due to Bugs
Written by Sean Kalinich
Over the last few months Windows 11 users have dealt with an annoying bug in Windows Defender. The bug was a continuous restart prompt to “enable” LSA protection. The problem is that LSA was enabled the whole time. The system…
Read 671 times
Published in
News
Thursday, 18 May 2023 09:53
Fake ChatGPT and Midjourney Sites used in Cyber-Attacks *** Updated ***
Written by Sean Kalinich
It was only a matter of time before something like this happened. As services like ChatGPT, Midjourney, Bard and other “AI” platform we viral, threat actors were bound to start trying to get in on the action. ChatGPT and Midjourney…
Read 185 times
Published in
News
Thursday, 18 May 2023 09:02
Inside a Ransomware as a Service Operation Shows How Simple and Profitable This can Be
Written by Sean Kalinich
As part of our ongoing (really never ending) series on modern ransomware, we are taking a look at a recent study of one Ransomware as a Service operation. In this case the look is at the Qilin scheme which was…
Read 530 times
Published in
News
Wednesday, 17 May 2023 15:18
Azure Serial Console being Abused for VM Takeover
Written by Sean Kalinich
Google owned Mandiant has released findings on a group known as Roasted 0ktapus, Scattered Spider and UNC3944 (sort of rolls off the tongue there). This group has been seen to abuse the Microsoft Azure Serial Console to push out their…
Read 318 times
Published in
News
Wednesday, 17 May 2023 14:30
Microsoft Visual Studio Marketplace Found to Have Malicious Extensions Targeting Developers
Written by Sean Kalinich
Attackers are always looking to get targets coming and going. As such you have a very rich ecosystem of attack types to cover as much ground as possible. A concerning one has always been direct supply chain attacks. These attacks…
Read 176 times
Published in
News
Tuesday, 16 May 2023 13:28
Money Message Ransomware Group Hits PharMerica and Steals 5.8 million Patient Records
Written by Sean Kalinich
The same Ransomware gang that hit MSI recently also appears to have hit Pharmacy services provider PharMerica and stole information on 5.8 million patents. The data that was exfiltrated as part of the attack includes social security numbers, full name…
Read 437 times
Published in
News
Tuesday, 16 May 2023 12:07
Ransomware Group RA Group Is Open for Business in the US and South Korea
Written by Sean Kalinich
There is a new player in the ransomware space. Dubber RA group this new organization appears to have had their grand opening last month (April 2023). RA Group published a data leak site on the dark web as part of…
Read 416 times
Published in
News
Page 2 of 176