Dec 11, 2023NewsroomThreat Intelligence / Cyber Attack Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor known as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that … [Read more...] about Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor
software vulnerability
New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Dec 09, 2023NewsroomCyber Threat / Hardware Security Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called … [Read more...] about New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Researchers Unveal GuLoader Malware’s Latest Anti-Analysis Techniques
Dec 09, 2023NewsroomMalware / Cyberattack Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and … [Read more...] about Researchers Unveal GuLoader Malware’s Latest Anti-Analysis Techniques
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
Dec 08, 2023NewsroomCyber Espionage / Cryptocurrency The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to steal information and execute commands," the AhnLab … [Read more...] about N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
Dec 07, 2023The Hacker NewsMobile Security / Vulnerability A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as … [Read more...] about New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Dec 06, 2023NewsroomAccess Management / Cloud Security Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said in a … [Read more...] about Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Preventing Microsoft Copilot Data Exposure
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps — Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft's dream is to take the drudgery out of daily work and let humans focus on being creative problem-solvers. What makes Copilot a different beast … [Read more...] about Preventing Microsoft Copilot Data Exposure
New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
Dec 04, 2023NewsroomEncryption / Technology New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under … [Read more...] about New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Dec 02, 2023Newsroom Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks … [Read more...] about Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
Dec 02, 2023NewsroomCybercrime / Malware A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious … [Read more...] about Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware