EU to Stage Large-Scale Cyberattack Exercise on Supply Chains. The aim of the six-week exercise is to stress-test Europe’s resilience, strengthen preparedness and cooperation among member states, and improve the effectiveness of a joint response.
A Safari bug has surfaced that can leak browsing history and information related to a user’s Google account. Apple’s browser, which is the default on macOS, iOS, and iPadOS, has a security issue related to IndexedDB.
Apache has released version 2.17.0 of the patch for Log4j after discovering issues with their previous release, which came out on Tuesday. Apache said version 2.16 “does not always protect from infinite recursion in lookup evaluation” and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the severity is “high” and gave it a CVSS score of 7.5.
Security researchers from Google Project Zero discovered two vulnerabilities in the video conferencing software Zoom that expose users to attacks. The vulnerabilities impact Zoom Client for Meetings on Windows, macOS, Linux, iOS, and Android. The first flaw, tracked as CVE-2021-34423, is a high-severity buffer overflow vulnerability that received a CVSS base score of 7.3.
An independent security researcher discovered a way to brute force Verizon PINs online, meaning they could potentially break into Verizon customer accounts. In response, Verizon has taken the impacted web pages offline.
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version.
AT&T Alien Labs™ has found new malware, BotenaGo, written in the open source programming language Golang. Deployed with more than 30 exploits, it has the potential to target millions of routers and IoT devices.
The TrickBot malware operators have been using a new method to check the screen resolution of a victim system to evade detection by security software and analysis by researchers. Last year, the TrickBot gang added a new feature to their malware that terminated the infection chain if a device was using non-standard screen resolutions of 800×600 and 1024×768.
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in “time-sensitive financial events” such as corporate mergers and acquisitions to make it easier to extort their victims. In a private industry notification published on Monday, the FBI said ransomware operators would use the financial information collected before attacks as leverage to force victims to comply with ransom demands.
The BlackMatter ransomware operation, which came to prominence earlier this year following the demise of the DarkSide ransomware gang, is allegedly shutting down due to “pressure from the authorities.” The group announced plans to shut down in a message posted on its ransomware-as-a-service (RaaS) portal, where other criminal groups typically register in order to get access to the BlackMatter ransomware strain.
Academic researchers have released details about a new attack method they call “Trojan Source” that allows injecting vulnerabilities into the source code of a software project in a way that human reviewers can’t detect.
An Avast expert reported 80 apps belonging to a premium SMS scam campaign, which signs victims up for expensive premium SMS services. The apps that he discovered are part of the UltimaSMS campaign, consisting of 151 apps that at one point or another had been available for download on the Google Play Store.
Telegram bot SMSRanger helps cybercriminals steal one-time passwords. Attackers use a bot to send automatic messages to people, allegedly on behalf of a bank, PayPal, etc. Cybercriminals have armed themselves with a new, simplified attack tool based on scripts from the Telegram messenger that allows them to create bots to steal credentials with a one-time password, intercept control of user accounts and steal bank funds.
Victims of ransomware attacks in the USA would be required to report payments to their hackers within 48 hours under a proposal from Democratic Senator Elizabeth Warren and Democratic Representative Deborah Ross.
New macOS zero-day bug lets attackers run commands remotely. Security researchers disclosed a new vulnerability in Apple’s macOS Finder, which makes it possible for attackers to run commands on Macs running any macOS version up to the latest release, Big Sur.
A team of researchers has devised a new method for protecting SSDs from ransomware attacks. It can detect ransomware, stop it in its tracks, and even recover stolen data in a matter of seconds. The cost should only be a minor increase in the SSD’s latency. SSD-Insider works by recognizing certain patterns in SSD activity that are known to indicate ransomware.
Cybercriminals recreate Cobalt Strike in Linux. The new malware strain has gone unnoticed by detection tools. A re-implementation of Cobalt Strike has been “written from scratch” to attack Linux systems. Dubbed Vermilion Strike, Intezer said that the new variation leans on Cobalt Strike functionality, including its command-and-control (C2) protocol, its remote access functionality, and its ability to run shell instructions.