Mar 05, 2025Ravie LakshmananNetwork Security / Data Breach The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft … [Read more...] about China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
network security
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Mar 04, 2025Ravie LakshmananCybercrime / Threat Intelligence Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. "Once infiltrated, it grants … [Read more...] about Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
Mar 03, 2025Ravie LakshmananCloud Security / Email Security Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), … [Read more...] about Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Mar 01, 2025Ravie LakshmananPrivacy / Data Protection Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states - You give Mozilla the rights necessary to operate Firefox. This includes … [Read more...] about Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
Feb 28, 2025Ravie LakshmananMobile Security / Zero-Day A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android … [Read more...] about Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It's like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true game-changer in today's work … [Read more...] about a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
Feb 27, 2025Ravie LakshmananMalware / Threat Intelligence A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country's National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related … [Read more...] about Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale. Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – dubbed 360XSS – affected over … [Read more...] about Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first … [Read more...] about LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer
Feb 24, 2025Ravie LakshmananEndpoint Security / Vulnerability Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025. A … [Read more...] about New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer