Author: Admin
August 10, 2024 | Ravi Lakshmanan | Browser Security / Internet Fraud
An ongoing, widespread malware campaign has been observed installing fake Google Chrome and Microsoft Edge extensions via a trojan distributed through fake websites posing as popular software. “Malware Trojans contain a variety of results, ranging from simple adware extensions that hijack search engines to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands,” the ReasonLabs research team said in an analysis. “This malicious Trojan, which has been around since 2021, comes from impersonating download websites with add-ons for online games and videos.” At least 300,000…
August 10, 2024 | Ravi Lakshmanan | Vulnerability / Enterprise Security
Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could lead to the unauthorized disclosure of sensitive information to attackers. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office:
- Microsoft Office 2016 for 32-bit and 64-bit versions
- Microsoft Office LTSC 2021 for 32-bit and 64-bit
- Microsoft 365 apps for business for 32-bit and 64-bit systems
- Microsoft Office 2019 for 32-bit and 64-bit versions
Researchers Jim Rush and Metin Yunus Kandemir are credited with discovering and reporting…
August 9, 2024 | Ravi Lakshmanan | Cloud Security / Data Protection
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could lead to serious consequences. “The impact of these vulnerabilities ranges from remote code execution (RCE), full-service user hijacking (which can provide powerful administrative access), manipulation of artificial intelligence modules, exposure of sensitive data, data theft, and denial of service,” cloud security company Aqua wrote in a detailed report shared with The Hacker News. After responsible disclosure in February 2024, Amazon addressed the deficiencies over several months from March…
August 9, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be combined to achieve remote code execution (RCE) and local elevation of privilege (LPE). “This chain of attacks can allow attackers to gain complete control over targeted endpoints, potentially leading to data leakage, system compromise, and unauthorized access to sensitive information,” Vladimir Tokarov of the Microsoft Threat Intelligence Community said. However, the exploit, presented at Black Hat USA 2024, requires user authentication and a deep understanding of OpenVPN’s inner workings. The vulnerabilities affect all OpenVPN versions up to…
August 9, 2024 | Ravi Lakshmanan | IoT Security / Wireless Security
Cybersecurity researchers have discovered weaknesses in Sonos smart speakers that could be used by an attacker to secretly eavesdrop on users. The vulnerabilities “resulted in a complete breach of Sonos’ secure download process on a wide range of devices and the ability to remotely hack multiple devices over the air,” NCC Group security researchers Alex Plaskett and Robert Herrera said. Successful exploitation of one of these flaws could allow a remote attacker to secretly capture audio from Sonos devices via a wireless attack. They affect all versions prior to Sonos S2…
August 9, 2024 | Ravi Lakshmanan | National Security / Identity Theft
The US Department of Justice (DoJ) on Thursday indicted a 38-year-old Nashville, Tennessee man for allegedly running a “laptop farm” to help North Koreans get remote jobs at US and British companies. Matthew Isaac Knoot is charged with conspiracy to damage a protected computer, conspiracy to launder money, conspiracy to defraud, willful damage to a protected computer, identity theft and conspiracy to illegally recruit aliens. If convicted, Knoot faces a maximum sentence of 20 years in prison, with a mandatory minimum of two years in prison for aggravated identity theft. Court documents…
August 9, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed that threat actors are exploiting the outdated Cisco Smart Install (SMI) feature to access confidential data. The agency said it has seen adversaries “obtaining system configuration files using available protocols or software on devices, such as by abusing Cisco’s legacy Smart Install feature.” It also said it continues to observe weak password types used on Cisco network devices, thereby exposing them to password cracking attacks. Password types refer to the algorithms used to protect the Cisco device password in the system configuration…
August 8, 2024 | Ravi Lakshmanan | Cyber attack / Cyber espionage
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers and teachers for intelligence gathering purposes. Cybersecurity firm Resilience said it discovered the activity in late July 2024 after noticing an operational security (OPSEC) error made by the hackers. Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet, Springtail and Velvet Chollima, is just one of many offensive cyber groups operating under the direction of the North Korean government and military. It is also very active, often using…
August 8, 2024 | Ravi Lakshmanan | Browser Vulnerability / Security
Cybersecurity researchers have discovered a new “0.0.0.0 Day” vulnerability that affects all major web browsers and that malicious sites can use to breach local networks. The critical vulnerability “exposes a fundamental flaw in the way browsers handle network requests, potentially giving attackers access to confidential services running on local devices,” Oligo Security researcher Avi Lumelsky said. The Israeli application security company said the implications of the vulnerability are far-reaching and that it stems from inconsistent implementation of security mechanisms and a lack of standardization across browsers. As a result, a seemingly innocuous IP address…
August 8, 2024 | Ravi Lakshmanan | Network Security / Cloud Security
Cybersecurity researchers have discovered a new phishing campaign that uses Google Drawings and shortened links created via WhatsApp to avoid detection and trick users into clicking fake links designed to steal sensitive information. “The attackers chose a group of the most prominent websites in computing to create the threat, including Google and WhatsApp to host the attack elements, and an Amazon lookalike to collect the victim’s information,” Menlo Security researcher Ashwin Vamshi said. “This attack is a great example of a Living Off Trusted Sites (LoTS) threat.” The starting…