Uncategorized – Page 473 – Learn and Explore

June 22, 2023
Uncategorized

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. “While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach and highlights the alarming role USB drives play in...

June 22, 2023
Uncategorized

Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning

Why Data Exfiltration Detection is Paramount? The world is witnessing an exponential rise in ransomware and data theft employed to extort companies. At the same time, the industry faces numerous critical vulnerabilities in database software and company websites. This evolution paints a dire picture of data exposure and exfiltration...

June 22, 2023
Uncategorized

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

A critical security flaw has been disclosed in the WordPress “Abandoned Cart Lite for WooCommerce” plugin that’s installed on more than 30,000 websites. “This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend...

June 22, 2023
Uncategorized

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since...

June 21, 2023
Uncategorized

ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks

The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service. “The threat actor sent their commands through the Golang backdoor that is using the...

June 21, 2023
Uncategorized

New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices

More details have emerged about the spyware implant that’s delivered to iOS devices as part of a campaign called Operation Triangulation. Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a lifespan of 30 days, after which it gets...

June 21, 2023
Uncategorized

Startup Security Tactics: Friction Surveys

When we do quarterly planning, my team categorizes our goals within four evergreen outcomes: Reduce the risk of information security incidents Increase trust in Vanta’s information security program Reduce the friction caused by information security controls Use security expertise to support the business In this article, I’m going to focus...

June 21, 2023
Uncategorized

Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover

A security shortcoming in Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process could have been exploited to achieve full account takeover, researchers said. California-based identity and access management service Descope, which discovered and reported the issue in April 2023, dubbed it nOAuth. “nOAuth is an authentication implementation flaw that...

June 21, 2023
Uncategorized

Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom’s Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance...

June 21, 2023
Uncategorized

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who...