N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

A North Korean government-backed threat actor targeted security researchers working on vulnerability research and development. Google's Threat Analysis Group said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, LinkedIn, Telegram, Discord, and Keybase. The goal, it appears, is to steal exploits developed by the researchers for possibly…

New Chinese Malware Targeted Russia’s Largest Nuclear Submarine Designer

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines. The attack leveraged the infamous "Royal Road" Rich Text Format (RTF) weaponizer to deliver a previously undocumented Windows backdoor dubbed "PortDoor". The attack targeted a general director working at…

New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

A new Mirai-inspired botnet called "mirai_ptea" leverages an undisclosed vulnerability in digital video recorders. At least 3,000 devices exposed online are susceptible to the flaw, researchers say. Mirai has been linked to a string of large-scale DDoS attacks, including one against DNS service provider Dyn in October 2016, causing major internet platforms and services to remain…

New WhatsApp Bugs Could’ve Let Attackers Hack Your Phone Remotely

Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android. The flaws take aim at devices running Android versions up to and including Android 9. They could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. WhatsApp users are recommended to update to version 2.21.4.18…

Popular Netop Remote Learning Software Found Vulnerable to Hacking

"These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network to gain full control over students' computers," the McAfee Labs Advanced Threat Research team said in an analysis. During the course of McAfee's investigation, several design flaws were uncovered, including:......vulnerabilities..and..screens in…

Reduce Business Risk By Fixing 3 Critical Endpoint-to-Cloud Security Requirements

Remote work boosted productivity by letting employees access cloud data from anywhere on any device. IT security teams still shoulder responsibility for protecting confidential data and ensuring compliance with strict privacy regulations. Gartner introduced the Secure Access Service Edge (SASE), a framework that addresses these challenges and calls for rolling multiple security solutions into one…

Researchers Uncover Android Spying Campaign Targeting Pakistan Officials

Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. Dubbed Hornbill and Sunbird, the malware impersonates legitimate or seemingly innocuous services to cover its tracks, only to stealthily collect SMS, encrypted messaging app content, and geolocation. The…

Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus

Cybersecurity firm Group-IB finds similarities between malware called "Webdav-O" and "BlueTraveller". The malware was detected in attacks against Russian federal executive authorities in 2020. The malware was also linked to a Chinese threat actor called TaskMasters. The main goal of the hackers was to "completely compromise the IT infrastructure and steal confidential information," the researchers said.…
