A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. "The framework has both passive … [Read more...] about New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
Install
Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update mechanism and used it to drop malware on user computers. The breach is said to … [Read more...] about Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that's used to interface with all other Orion system monitoring and management products suffers … [Read more...] about A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
Browsers Bugs Exploited to Install 2 New Backdoors on Targeted Computers
Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the campaign involves the use of SLUB (for SLack and githUB) malware and two new … [Read more...] about Browsers Bugs Exploited to Install 2 New Backdoors on Targeted Computers
Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely
Attention! If you use Amazon's voice assistant Alexa in you smart speakers, just opening an innocent-looking web-link could let attackers install hacking skills on it and spy on your activities remotely.Cybersecurity researchers today disclosed severe security vulnerabilities in Amazon's Alexa virtual assistant that could render it vulnerable to a number of malicious … [Read more...] about Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely
New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices
The recent controversies surrounding the WhatsApp hacking haven't yet settled, and the world's most popular messaging platform is in choppy waters once again.The Hacker News has learned that WhatsApp has recently patched yet another critical vulnerability that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and … [Read more...] about New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices
Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call.Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp … [Read more...] about Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones