Feb 08, 2023Ravie LakshmananEncryption / IoT Security The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and transmitted by the Internet of … [Read more...] about NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
cyber security news today
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
Feb 08, 2023Ravie LakshmananThreat Intelligence / Cyber War The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with the agency … [Read more...] about CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry
Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the … [Read more...] about GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
Feb 06, 2023Ravie LakshmananMalvertising / Data Safety An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes," … [Read more...] about FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
New Android Banking Trojan Targeting Brazilian Financial Institutions
A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate. "PixPirate belongs to the newest generation of Android banking trojan, as it can … [Read more...] about New Android Banking Trojan Targeting Brazilian Financial Institutions
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Feb 04, 2023Ravie LakshmananEnterprise Security / Ransomware VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on … [Read more...] about New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Feb 03, 2023Ravie LakshmananCloud Security / Vulnerability Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused by an attacker to pass off as another user and gain unauthorized access to susceptible instances. The vulnerability is tracked as CVE-2023-22501 (CVSS score: 9.4) and has been … [Read more...] about Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
Feb 02, 2023Ravie LakshmananDatabase Security / Cryptocurrency At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat" dubbed HeadCrab since early September 2021. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to … [Read more...] about Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
Feb 01, 2023Ravie LakshmananEnterprise Security / Authentication Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were … [Read more...] about Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 and QuTS … [Read more...] about QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates