Cyber Security

Old technology solutions – every organization has a few of them tucked away somewhere. It could be an old and unsupported storage system or a tape library holding the still-functional backups from over 10 years ago. This is a common scenario with software too. For example, consider an accounting software suite that was extremely expensive

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. “Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server

Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the issue on

Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. “A platform certificate is the application signing certificate used to sign the ‘android’ application on the system image,”

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as CVE-2022-4116 (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges. “The vulnerability is found in the Dev UI Config Editor, which

The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the agencies highlighted a “sharp

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. “We are in the process of analyzing the data, but the data released appears to be the data we believed the

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. “Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary

A malicious Android SMS application discovered on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo (com.vanjan.sms), had over 100,000 downloads and functioned as a relay for transmitting messages to a

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. “The backdoor […] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing

New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an “unexpected behavior” in the npm command line interface (CLI) tool. npm CLI’s install and audit commands have built-in capabilities to check a package and all of its dependencies for known vulnerabilities, effectively acting

A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. Mandiant, which is part of Google Cloud, is tracking the cluster under its uncategorized moniker UNC4191. An analysis of the artifacts used in the

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as

Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. The trend, called Invisible Challenge, involves applying a filter known as Invisible Body that just leaves behind a silhouette of the person’s body. But the fact that individuals filming such videos could be

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. Successful exploitation of

It’s not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of 1,097,811 phishing attacks. These attacks continue to target organizations and individuals to gain their sensitive information. The hard news: they’re often successful, have a long-lasting negative impact on your organization and employees,

Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn’t have permission to perform an action can coerce a more-privileged entity to

Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part of Musk’s vision for Twitter 2.0, which is expected to be what’s called an “everything app.” Other functionalities include longform tweets and payments, according to a slide deck shared by Musk over the weekend.

As 2022 comes to an end, now’s the time to level up your bug bounty program with Intigriti. Are you experiencing slow bug bounty lead times, gaps in security skills, or low-quality reports from researchers? Intigriti’s expert triage team and global community of ethical hackers are enabling businesses to protect themselves against every emerging cybersecurity

A coordinated law enforcement effort has dismantled an online phone number spoofing service called iSpoof and arrested 142 individuals linked to the operation. The websites, ispoof[.]me and ispoof[.]cc, allowed the crooks to “impersonate trusted corporations or contacts to access sensitive information from victims,” Europol said in a press statement. Worldwide losses exceeded €115 million ($