Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems

Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG) images embedded in HTML email attachments. The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags. HTML smuggling is a technique that relies on using […]

APT-36 Hackers Using New Hacking Tools & TTPs To Attack Indian Government Orgs

The cybersecurity analysts at Zscaler ThreatLabz have recently detected a new malicious version of a multi-factor-authentication (MFA) solution, known as Kavach, which has been actively exploited by the threat actors of Transparent Tribe (aka APT-36, C-Major, and Mythic Leopard) to target Indian government agencies. To distribute the malicious versions of Kavach MFA apps, the […]

Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software

HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that’s mainly used for adversary simulation, but cracked versions of the software have been actively […]

Gang of 31 cyber criminals arrested for stealing cars via hacking software

In a coordinated operation on October 10 throughout the three nations, 31 people were detained. A total of 22 addresses were raided, and illicit assets worth over EUR 1 098 500 were recovered. The French authorities, working with their Spanish and Latvian counterparts, busted a car theft ring that utilized counterfeit software to steal automobiles […]

Two critical WhatsApp vulnerabilities allow hacking WhatsApp (Android & iOS) via call or video file. Update immediately

Two security flaws in WhatsApp’s chat app for iOS and Android that might have been used to remotely execute malware on the device were recently reported by the company Meta. CVE-2022-36934, which has a severe severity rating (CVSS score of 9.8), affects all Android and iOS versions previous to v2.22.16.12, Business for Android prior to v2.22.16.12, […]

China Accuses NSA’s TAO Unit of Hacking its Military Research University

China has accused the U.S. National Security Agency (NSA) of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi’an in June 2022. The National Computer Virus Emergency Response Centre (NCVERC) disclosed its findings last week, and accused the Office of Tailored Access Operations (TAO) at […]

LockBit falls victim to a large-scale DDoS attack after hacking into Entrust. LockBit accuses Entrust of being behind the cyberattack

Entrust is accused by LockBit of being behind the cyberattack. If such were the case, a genuine security firm would never retaliate by conducting a DDoS assault against criminals. Following a DDoS attack that knocked the LockBit ransomware gang offline for several days, the group has claimed that it will pursue more aggressive methods while aggressively […]

How criminals are hacking key fobs to quickly and quietly steal cars

High-tech criminals are increasingly targeting push-start automobiles by hacking into key fobs, leaving many New Orleans car owners stranded according to WSDU news. The thief first waves a relay box at the victim’s house, which enhances the vehicle key signal in the house to another device held by the second criminal waiting beside the car. […]

DigitalOcean Users’ Emails Leaked After Mailchimp Hacking Incident

DigitalOcean has revealed that some of its customers’ emails were exposed to attackers thanks to an attack on the Mailchimp email marketing service. DigitalOcean has reported on its website a security incident suffered due to a security breach caused by its email provider, Mailchimp. On August 8, they discovered that their Mailchimp account had been […]

LNK files are one of the most common ways of hacking into enterprise environments

HP has highlighted a new wave of cybercriminals who spread families of ‘malware’ in business environments using files with shortcuts or links (so-called LNK) to distribute ‘malware’. It is one of the conclusions reached in its latest global report, which provides an analysis of cyber attacks in the real world and focuses on the methods […]

Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike

Researchers have disclosed a new offensive framework referred to as Manjusaka that they call a “Chinese sibling of Sliver and Cobalt Strike.” “A fully functional version of the command-and-control (C2), written in Golang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing […]

Critical vulnerability allows unlocking, starting & stealing Honda Cars without key. Hacking Honda vehicles

The Rolling-PWN attack vulnerability, CVE-2021-46145, affects all Honda car models from the year 2012 up to the year 2022. This vulnerability allows anyone to permanently open the car door or even start the car engine remotely. The Rolling-PWN bug is a critical vulnerability. Researchers found it in a vulnerable version of the rolling codes […]

Hacking Scenarios: How Hackers Choose Their Victims

Enforcing the “double-extortion” technique aka pay-now-or-get-breached emerged as a head-turner last year. May 6th, 2022 is a recent example. The State Department said the Conti strain of ransomware was the most costly in terms of payments made by victims as of January. Conti, a ransomware-as-a-service (RaaS) program, is one of the most notorious ransomware groups […]

Zero-day vulnerability in Microsoft Office Pro Plus, Office 2013, Office 2016, and Office 2021 allows remote network hacking with just a single click

A few days ago, the security researcher known as “nao_sec” reported the detection of a specially crafted Word document that exploits a zero-day vulnerability in Microsoft Office and would allow the execution of arbitrary code just by opening a malicious file. This malware, uploaded from Belarus to the VirusTotal platform, was analyzed by expert […]