Native American Indian & Service-Disabled Veteran Owned Business

News and Events

RSS Cybersecurity

  • Hackers Infect macOS with New DazzleSpy Backdoor in Watering-Hole Attacks January 27, 2022
    A previously undocumented cyber-espionage malware aimed at Apple's macOS operating system leveraged a Safari web browser exploit as part of a watering hole attack targeting politically active, pro-democracy individuals in Hong Kong. Slovak cybersecurity firm ESET attributed the intrusion to an actor with "strong technical capabilities," calling out the campaign's overlaps to that of a similar
  • Google Drops FLoC and Introduces Topics API to Replace Tracking Cookies for Ads January 27, 2022
    Google on Tuesday announced that it is abandoning its controversial plans for replacing third-party cookies in favor of a new Privacy Sandbox proposal called Topics, which categorizes users' browsing habits into approximately 350 topics. The new mechanism, which takes the place of FLoC (short for Federated Learning of Cohorts), slots users' browsing history for a given week into […]
  • 12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access January 27, 2022
    A 12-year-old security vulnerability has been disclosed in a system utility called Polkit that grants attackers root privileges on Linux systems, even as a proof-of-concept (PoC) exploit has emerged in the wild merely hours after technical details of the bug became public. Dubbed "PwnKit" by cybersecurity firm Qualys, the weakness impacts a component in polkit […]
  • Webinar: How to See More, But Respond Less with Enhanced Threat Visibility January 26, 2022
    The subject of threat visibility is a recurring one in cybersecurity. With an expanding attack surface due to the remote work transformation, cloud and SaaS computing and the proliferation of personal devices, seeing all the threats that are continuously bombarding the company is beyond challenging. This especially rings true for small to medium-sized enterprises with […]
  • Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers January 26, 2022
    An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploits the Log4Shell vulnerability in unpatched VMware Horizon Servers. According to new research published by BlackBerry Research & Intelligence and Incident Response (IR) teams today, the cybercrime actor has been opportunistically weaponizing the shortcoming to download […]
  • Emotet Now Using Unconventional IP Address Formats to Evade Detection January 26, 2022
    Social engineering campaigns involving the deployment of the Emotet malware botnet have been observed using "unconventional" IP address formats for the first time in a bid to sidestep detection by security solutions. This involves the use of hexadecimal and octal representations of the IP address that, when processed by the underlying operating systems, get automatically […]
  • TrickBot Malware Using New Techniques to Evade Web Injection Attacks January 26, 2022
    The cybercrime operators behind the notorious TrickBot malware have once again upped the ante by fine-tuning its techniques by adding multiple layers of defense to slip past antimalware products. "As part of that escalation, malware injections have been fitted with added protection to keep researchers out and get through security controls," IBM Trusteer said in a report. […]
  • Mobile Banking Trojan BRATA Gains New, Dangerous Capabilities January 26, 2022
    The Android malware tracked as BRATA has been updated with new features that grant it the ability to record keystrokes, track device locations, and even perform a factory reset in an apparent bid to cover up fraudulent wire transfers. The latest variants, detected late last year, are said to be distributed through a downloader to […]
  • Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets January 26, 2022
    Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. The attack is unique as it leverages Microsoft OneDrive as a command-and-control (C2) server and is split into as many as six stages to stay as […]
  • Hackers Using New Malware Packer DTPacker to Avoid Analysis, Detection January 25, 2022
    A previously undocumented malware packer named DTPacker has been observed distributing multiple remote access trojans (RATs) and information stealers such as Agent Tesla, Ave Maria, AsyncRAT, and FormBook to plunder information and facilitate follow-on attacks. "The malware uses multiple obfuscation techniques to evade antivirus, sandboxing, and analysis," enterprise security company Proofpoint 
  • Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams January 25, 2022
    Misconfigurations in smart contracts are being exploited by scammers to create malicious cryptocurrency tokens with the goal of stealing funds from unsuspecting users. The instances of token fraud in the wild include hiding 99% fee functions and concealing backdoor routines, researchers from Check Point said in a report shared with The Hacker News. Smart contracts […]
  • ZTNAs Address Requirements VPNs Cannot. Here's Why. January 24, 2022
    I recently hopped on the Lookout podcast to talk about virtual private networks (VPNs) and how they've been extended beyond their original use case of connecting remote laptops to your corporate network. Even in this new world where people are using personal devices and cloud apps, VPN continues to be the go-to solution for remote access and […]
  • High-Severity Rust Programming Bug Could Lead to File, Directory Deletion January 24, 2022
    The maintainers of the Rust programming language have released a security update for a high-severity vulnerability that could be abused by a malicious party to purge files and directories from a vulnerable system in an unauthorized manner. "An attacker could use this security issue to trick a privileged program into deleting files and directories the […]
  • Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks January 24, 2022
    A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the "most advanced UEFI firmware implant discovered in the wild to date," adding "the purpose of the
  • New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets January 24, 2022
    A new evasive crypto wallet stealer named BHUNT has been spotted in the wild with the goal of financial gain, adding to a list of digital currency stealing malware such as CryptBot, Redline Stealer, and WeSteal. "BHUNT is a modular stealer written in .NET, capable of exfiltrating wallet (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, Litecoin wallets) contents, […]
  • Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine January 22, 2022
    Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed "strategic similarities" to NotPetya malware that was unleashed against the country's infrastructure and elsewhere in 2017. The malware, dubbed WhisperGate, was discovered by Microsoft last week, which said it observed the destructive cyber campaign targeting government, non-profit,
  • Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure January 22, 2022
    An active espionage campaign has been attributed to the threat actor known as Molerats that abuses legitimate cloud services like Google Drive and Dropbox to host malware payloads and for command-and-control and the exfiltration of data from targets across the Middle East. The cyber offensive is believed to have been underway since at least July […]
  • Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes January 22, 2022
    In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer's website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites. The backdoor gave the attackers full administrative control over websites that used 40 themes and 53 […]
  • Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks January 22, 2022
    Researchers have disclosed details of two critical security vulnerabilities in Control Web Panel that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution on affected servers. Tracked as CVE-2021-45467, the issue concerns a case of a file inclusion vulnerability, which occurs when a web application is tricked into exposing or […]
  • Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software January 22, 2022
    Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 (CVSS score: 9.0), the vulnerability stems from the fact that the debug mode has been incorrectly […]