Author: Admin

August 7, 2024Ravi LakshmananMalware/program security Apple on Tuesday announced an update to its next-gen version of macOS that makes overriding a bit more difficult for users Goalkeeper protection. A goalkeeper is a the most important line of defense built into macOS, designed to ensure that only trusted programs run on the operating system. When an app is downloaded from outside the App Store and opened for the first time, it verifies that the software is from an identified developer. It also performs checks to ensure that the program is notarized and has not been tampered with to install malware on…

August 6, 2024Ravi LakshmananEmail Security / Financial Fraud INTERPOL said it had developed a “global stop payment mechanism” that helped facilitate the largest-ever recovery of funds stolen in a business email hack (BEC) fraud. This development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. This refers to a type of cybercrime where an attacker impersonates a trusted person and uses email to trick entities into sending money or disclose confidential information about the company. Such attacks can occur in a number of ways, including gaining unauthorized access to a financial…

August 6, 2024Hacker newsSaaS Security / Threat Detection Everyone loves a double-agent plot twist in a spy movie, but it’s a completely different story when it comes to protecting a company’s data. Intentional or unintentional, insider threats are a legitimate concern. In accordance with CSA research26% of companies that reported a SaaS security incident were impacted by an insider. The challenge for many is to identify these threats before they lead to full-blown breaches. Many security professionals believe that there is nothing they can do to protect themselves from a legitimate managed user logging in with valid credentials using the…

August 6, 2024Ravi LakshmananMalware / Windows Security The threat actor associated with North Korea is known as Moonstone continues to push malicious npm packages into the JavaScript package registry to infect Windows systems, highlighting the persistent nature of their campaigns. The packages in question are harthat-fire and heartthat hash, were published on July 7, 2024, according to Datadog Security Labs. Both libraries did not attract any downloads and were soon discontinued after a short period of time. The cloud-monitoring firm’s security unit is tracking a threat called Stressed Pungsan that shows similarities to a recently discovered North Korean malware cluster…

August 6, 2024Ravi LakshmananAndroid / Malware Users in Russia have been targeted by a previously undocumented Android spyware called LianSpy at least from 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted that it uses Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid dedicated infrastructure and avoid detection. “This threat is designed to capture screencasts, steal user files, and collect call logs and application lists,” security researcher Dmitry Kalinin said in a new technical report published on Monday. It is currently unclear how the spyware is being distributed, but the…

August 6, 2024Ravi LakshmananMobile Security / Vulnerability Google has fixed a serious security flaw affecting the Android kernel that was heavily used in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution affecting the kernel. “There are indications that CVE-2024-36971 may be in limited, targeted exploitation,” the tech giant said noted in its August 2024 Android Security Monthly Bulletin. As is usually the case, the company did not share any additional information about the nature of the cyberattacks exploiting the flaw or attribute the activity to a specific threat actor or group.…

August 6, 2024Ravi LakshmananEnterprise Security / Vulnerability A new zero-day remote code execution pre-authentication vulnerability has been discovered in Apache OFBiz open source enterprise resource planning (ERP) system, which could allow threat actors to achieve remote code execution in affected cases. Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. This affects versions of Apache OFBiz prior to 12/18/15. “The root cause of the vulnerability is a flaw in the authentication mechanism,” SonicWall, which discovered and reported the flaw, said in a statement. “This flaw allows an unauthenticated user to access features…

August 5, 2024Ravi LakshmananNetwork Security / Threat Intelligence Organizations in Kazakhstan are the target of the so-called threat cluster Blood wolf which delivers a malware product called LOSS (aka Master Strigoi). “The program, which sells for as little as $80 on the underground resources, allows adversaries to take control of corporate computers and capture prohibited data,” – cyber security vendor BI.ZONE. said in a new analysis. Cyberattackers use phishing emails as the initial access vector, impersonating the Ministry of Finance of the Republic of Kazakhstan and other agencies to force recipients to open PDF attachments. The file purports to be…

August 5, 2024Ravi LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers have discovered design flaws in Microsoft’s Windows Smart App Control and SmartScreen that could allow threat actors to gain initial access to targeted environments without any warning. Intelligent Program Management (SAC) is a cloud-based security feature introduced from Microsoft in Windows 11 to block malicious, untrusted and potentially unwanted programs from running on the system. In cases where the service cannot make a prediction about the application, it checks whether it is signed or has a valid signature in order to be executed. SmartScreen, which was released with Windows 10, is…

August 5, 2024Hacker newsCyber ​​Security / Data Privacy Act The Loper Bright decision produced dramatic results: the Supreme Court overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously enacted by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity legislation. Background What is Loper Bright’s solution? The decision of the US Supreme Court in the case of Loper Bright was overturned Chevron is honored, stating that the courts, not the agencies, will decide all relevant questions of law that arise…
