First Malware Designed for Apple M1 Chip Discovered in the Wild
One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, indicating that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors. While the transition to Apple silicon has required developers to build new versions of their apps …
Wild
Google Discloses Windows Zero-Day Bug Exploited in the Wild
Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver ("cng.sys") that can be exploited for a sandbox …
New ‘MosaicRegressor’ UEFI Bootkit Malware Found Active in the Wild
Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the second known public case where a UEFI rootkit has been used in the wild. According to …
Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend. "A …
First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild
Cybersecurity researchers have spotted a new cyberattack, which is believed to be the very first but amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for a highly critical remote code execution flaw in the Windows Remote Desktop Services, …
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world's most widely used mobile operating system, Android. What's more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, to …
New Android Spyware Created by Russian Defense Contractor Found in the Wild
Cybersecurity researchers have uncovered a new piece of mobile surveillance malware believed to be developed by a Russian defense contractor that has been sanctioned for interfering with the 2016 U.S. presidential election. Dubbed Monokle, the mobile remote-access trojan has been actively targeting Android phones since at least March 2016 and is primarily being used in highly …