Month: June 2023

Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks

30 June 2023

Jun 30, 2023The Hacker NewsCyber Espionage/ Malware Charming Kitten, the nation-state actor affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. “There have been improved operational security measures placed in the malware to make it more […]

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

30 June 2023

Jun 30, 2023The Hacker NewsSaaS Security / Artificial Intelligence, In today’s fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making. Employees using AI tools experience the advantages of quick […]

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

30 June 2023

Jun 30, 2023Ravie LakshmananPrivacy / Tech Meta’s WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were first […]

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

30 June 2023

Jun 30, 2023Ravie LakshmananServer Security / Cyber Threat An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. “This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer (P2P) proxy network, such […]

MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?

30 June 2023

Jun 30, 2023Ravie LakshmananVulnerability / Software Security MITRE has released its annual list of the Top 25 “most dangerous software weaknesses” for the year 2023. “These weaknesses lead to serious vulnerabilities in software,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. “An attacker can often exploit these vulnerabilities to take control of an affected […]

From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon

29 June 2023

Jun 29, 2023Ravie Lakshmanan The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that’s been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023 attack on Technion, an Israeli research institute, […]

Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

29 June 2023

Jun 29, 2023Ravie LakshmananMobile Security / Malware Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware “represents a significant shift as it incorporates the malicious components directly within the Flutter code,” Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report published last week. Fluhorse was first documented […]

The Right Way to Enhance CTI with AI (Hint: It’s the Data)

29 June 2023

Cyber threat intelligence is an effective weapon in the ongoing battle to protect digital assets and infrastructure – especially when combined with AI. But AI is only as good as the data feeding it. Access to unique, underground sources is key. Threat Intelligence offers tremendous value to people and companies. At the same time, its […]

North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

29 June 2023

Jun 29, 2023Ravie LakshmananVulnerability / Malware The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. “Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from the command-and-control (C2) server,” Kaspersky said in a new report. […]

Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users’ Personal Data

29 June 2023

Jun 29, 2023Ravie LakshmananMobile Security / Privacy Android-based phone monitoring app LetMeSpy has disclosed a security breach that allowed an unauthorized third-party to steal sensitive data associated with thousands of Android users. “As a result of the attack, the criminals gained access to email addresses, telephone numbers and the content of messages collected on accounts,” […]
