Month: March 2023

0 Comments
Mar 31, 2023Ravie LakshmananCyber Espionage / APT The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. “TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them
0 Comments
Threat actors suspected to be operating for the North Korean government have been observed trojanizing versions of the voice and video calling desktop client 3CX DesktopApp to launch attacks against several victims. The Symantec threat intelligence team shared the findings in an advisory published earlier today, explaining the attackers’ tactics were similar to those used against
0 Comments
Mar 30, 2023Ravie LakshmananCloud Security / Vulnerability Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed “Super FabriXss” by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that
0 Comments
Google’s Threat Analysis Group (TAG) has revealed tracking over 30 commercial spyware vendors that facilitate the spread of malware by government-backed threat actors. Writing in a blog post published earlier today, TAG’s Clement Lecigne said these vendors are arming countries that would otherwise not be able to develop these tools. “While the use of surveillance
0 Comments
How content creators and subscribers can embrace the social media platform without (overly) exposing themselves to the potentially toxic brew of NSFW content and privacy threats By now you’ve most probably heard of, or possibly even use, OnlyFans. Launched in 2016, this subscription service for content creators gained momentum over the course of the pandemic
0 Comments
Mar 29, 2023Ravie LakshmananZero-Day / Mobile Security A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google’s Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release
0 Comments
A malware campaign targeting cryptocurrency wallets has been recently discovered by security researchers at Kaspersky. Discussing the findings in an advisory published today, the company said the attacks were first observed in September 2022 and relied on malware replacing part of the clipboard contents with cryptocurrency wallet addresses. “Despite the attack being fundamentally simple, it
0 Comments
Mar 28, 2023Ravie LakshmananArtificial Intelligence / Cyber Threat Microsoft on Tuesday unveiled Security Copilot in preview, marking its continued push to embed AI-oriented features in an attempt to offer “end-to-end defense at machine speed and scale.” Powered by OpenAI’s GPT-4 generative AI and its own security-specific model, it’s billed as a security analysis tool that
0 Comments
Microsoft announced a new information disclosure vulnerability on Friday, for a bug affecting its screenshot editing tools in both Windows 10 and Windows 11.  The vulnerability (CVE-2023-28303) is called aCropalypse and could enable malicious actors to recover sections of screenshots, potentially revealing sensitive information.  Read more on screenshot-supported malware here: New Threat Group Reviews Screenshots Before Striking
0 Comments
Mar 25, 2023Ravie LakshmananEnterprise Security / Microsoft Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and
0 Comments
Vulnerable code has been discovered in the payment solution plugin WooCommerce for the WordPress content management system (CMS) that could allow an unauthenticated attacker to gain administrative privileges and take over a website. The findings come from WordPress security experts at Wordfence, who described the critical authentication bypass in a blog post published on Thursday.
0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Joint Cyber Defense Collaborative (JCDC) have unveiled a new effort to aid organizations in quickly fixing vulnerabilities targeted by ransomware actors. The Pre-Ransomware Notification Initiative provides businesses with early warnings, enabling them to potentially evict threat actors before they can encrypt data and systems for
0 Comments
A Chinese cyber-espionage actor likely connected with the “Operation Soft Cell” campaign has been targeting Middle East telecom providers since the beginning of 2023. The new series of attacks are part of what SentinelOne researchers described as “Operation Tainted Love,” a cyber-espionage campaign exhibiting “a well-maintained, versioned credential theft capability” and a new dropper mechanism.
0 Comments
Why your organization should consider an MDR solution and five key things to look for in a service offering The threat landscape is evolving at breakneck speed and corporate cyberattack surfaces expand, with many trends and developments kicked into overdrive as a result of the surge in digital transformation investments during and after the COVID-19