-
September 30th: Cross-platform Chaos malware +++ Patch of the week
Cross-platform Chaos malware A new Botnet is taking hold of Windows and Linux devices alike, using them to start DDoS (Distributed Denial of Service) attacks. Chaos, a Go-based malware, can infect various architectures like x86, AMD64, ARMv5 and many more. With such a wide spectrum, it does not just target high value devices, it also […]
-
September 23rd: New rapidly evolving Chromeload Malware campaign +++ EU Cyber Resilience Act
Chromeload Malware Microsoft and VMware are warning of a new rapidly evolving malware campaign. The campaign formally known as ChromeLoader was first spotted in January 2022. At that time the malware was only used for hijacking the browser of victims and steal information. Overtime the malware evolved and fulfills now different purposes with different versions. […]
-
September 16th: Microsoft Patch fixes 63 vulnerabilities +++ Zero-Day Vulnerability in WordPress Plugin
Microsoft Patch fixes 63 vulnerabilities, including 5 critical Microsoft released a new Patch on Tuesday the 13th which fixes 63 vulnerabilities, 5 of them are classified as critical as they allow remote code execution. The number of bugs in each vulnerability category is listed below: 18 Elevation of Privilege Vulnerabilities 1 Security Feature Bypass Vulnerabilities […]
-
September 9th: Emerge of a new more user-friendly Phishing-as-a-Service platform +++ New stealthy Linux malware
Emerge of a new more user-friendly Phishing-as-a-Service platform A new reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged from the darknet with the promise to grant access to mainstream accounts like Apple, Google, Facebook, Microsoft and many more, even with MFA (Multi-factor authentication). In comparison to the other used methods before, EvilProxy is more user-friendly. […]
-
September 2nd: GO#WEBBFUSCATOR +++ Patches of the week
GO#WEBBFUSCATOR Threat analysts form Securonix have spotted a new malware campaign dubbed GO#WEBBFUSCATOR which relies on phishing e-mails, malicious documents and most curiously on an image of the James Webb telescope. The malware is written in Golang, a programing language which is becoming increasingly popularfor cybercrime thanks to its cross-platform and its resistance to reverse […]
-
August 26th: Microsoft Cyber Signals +++ Two new air-gap attacks +++ Cybercrime 2021 Threat Landscape Report
Microsoft Cyber Signals: Defend against the new ransomware landscape Microsoft published Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, they pull back the curtain on the evolving cybercrime economy and the rise of Ransomware-as-a-service (RaaS). Instead of relying on what cybercriminals say […]
-
August 19th: Apple security updates +++ Google Chrome zero-day +++ BugDrop malware
Apple security updates to patch new zero-day vulnerabilites Apple released on Wednesday security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices: CVE-2022-32893 – An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web […]
-
August 12th: Processors contain vulnerabilities +++ Open Cybersecurity Schema Framework +++ Vulnerabilities and updates of the week
After Spectre and Meltdown, it is now Æpicleak’s and SQUIP’s turn Processors from AMD and Intel contain vulnerabilities that attackers can use to leak data. They were found by researchers of Sapienza University of Rome, the Graz University of Technology, the CISPA Helmholtz Center for Information Security, and Amazon Web Services. The first vulnerability – […]
-
July 29th: Attack from charging socket via “Ghost Touch” +++ 2022 Unit 42 Incident Response Report +++ Security updates Samba
Touchscreens: Attack from the charging socket via “Ghost Touch” Researchers from Technical University Darmstadt and Zhejiang University in Hangzhou carried out attacks on capacitive touchscreens via charging cables and power supply units and thus uncovered a new attack possibility on mobile devices. In the experimental setup, a compromised public charging station was assumed to be […]
-
July 22nd: CloudMensis +++ Online storage services used for delivering malware +++ Vulnerabilities of the week
New malware backdoor: CloudMensis ESET researchers first spotted the new malware in April 2022 and named it CloudMensis. Why? It uses pCloud, Yandex Disk, and Dropbox public cloud storage services for command-and-control (C2) communication. CloudMensis’ capabilities clearly show that its operators’ main goal is to collect sensitive information from infected Macs through various means. These […]