Month: June 2022
Google Blocks Dozens of Malicious Domains Operated by Hack-for-Hire Groups
30 June 2022Google’s Threat Analysis Group (TAG) on Thursday disclosed it had acted to block as many as 36 malicious domains operated by hack-for-hire groups from India, Russia, and the U.A.E. In a manner analogous to the surveillanceware ecosystem, hack-for-hire firms equip their clients with capabilities to enable targeted attacks aimed at corporates as well as activists, […]
Read More
U.S. FCC Commissioner Asks Apple and Google to Remove TikTok from App Stores
30 June 2022One of the commissioners of the U.S. Federal Communications Commission (FCC) has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing “its pattern of surreptitious data practices.” “It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being […]
Read More
What is Shadow IT and why is it so risky?
30 June 2022Shadow IT refers to the practice of users deploying unauthorized technology resources in order to circumvent their IT department. Users may resort to using shadow IT practices when they feel that existing IT policies are too restrictive or get in the way of them being able to do their jobs effectively. An old school phenomenon […]
Read More
Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
30 June 2022A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. Sebastien Vachon-Desjardins, who was extradited to the U.S. on March 10, 2022, is accused of conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and […]
Read More
North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack
30 June 2022The notorious North Korea-backed hacking collective Lazarus Group is suspected to be behind the recent $100 million altcoin theft from Harmony Horizon Bridge, citing similarities to the Ronin bridge attack in March 2022. The finding comes as Harmony confirmed that its Horizon Bridge, a platform that allows users to move cryptocurrency across different blockchains, had […]
Read More
New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators
29 June 2022Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside […]
Read More
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers
29 June 2022A new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon […]
Read More
New ‘FabricScape’ Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
29 June 2022Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft’s Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime […]
Read More
CISA Warns of Active Exploitation of ‘PwnKit’ Linux Vulnerability in the Wild
29 June 2022The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), came to light in January 2022 and concerns a case of local privilege escalation in polkit’s pkexec utility, […]
Read More
ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks
28 June 2022A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks. The malware “grants the actor the ability to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to […]
Read More