Google Chrome Hit by Second Zero-Day Attack – Urgent Patch Update Released – post by LinkCyb

Apr 19, 2023Ravie LakshmananBrowser Security / Zero-Day Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library. Clément Lecigne of Google’s Threat Analysis Group […]

Uncovering (and Understanding) the Hidden Risks of SaaS Apps – post by LinkCyb

Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these industry-leading apps can be at serious risk for compromise. CircleCI, for example, plays an integral, SaaS-to-SaaS role for SaaS app development. Similarly, tens of thousands of organizations rely on Okta and LastPass security roles for SaaS […]

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies – post by LinkCyb

Apr 19, 2023Ravie LakshmananLinux / Malware The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. “Poseidon is a second-stage payload malware associated with Transparent Tribe,” Uptycs security researcher Tejaswini Sandapolla said […]

U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage – post by LinkCyb

Apr 19, 2023Ravie LakshmananNetwork Security / Cyber Espionage U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in […]

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems – post by LinkCyb

Apr 19, 2023Ravie LakshmananCyber Threat / SCADA An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. “This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing N-day vulnerabilities, and has demonstrated agility […]

YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader – post by LinkCyb

Apr 18, 2023Ravie LakshmananThreat Intelligence / Cyber Risk Cybersecurity researchers have detailed the inner workings of a highly evasive loader named “in2al5d p3in4er” (read: invalid printer) that’s used to deliver the Aurora information stealer malware. “The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique,” […]

When will AI be integrated into cyber security? – post by LinkCyb

ChatGPT, a machine learning (ML)-powered chatbot, is rapidly growing across all sectors. The app’s developer, OpenAI, reported that it gained one million users in just five days. The app has now been visited over two billion times, according to research by Similarweb. This being said, concerns have been raised about the use of the intelligent […]

Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor – post by LinkCyb

This blog was made possible through contributions from Christopher Caridi. IBM Security X-Force recently discovered a new malware family we have called “Domino,” which we assess was created by developers associated with the cybercriminal group that X-Force tracks as ITG14, also known as FIN7. Former members of the Trickbot/Conti syndicate which X-Force tracks as ITG23 […]