20 May npm packages caught serving TurkoRAT binaries that mimic NodeJSResearchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. […]
19 May The Week in Ransomware – May 19th 2023 – A Shifting LandscapeIn the ever-shifting ransomware landscape, we saw new ransomware gangs emerge, threat actors return from a long absence, operations shifting extortion tactics, and a flurry of attacks on the enterprise. […]
19 May CISA warns of Samsung ASLR bypass flaw exploited in attacksCISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. […]
19 May Microsoft: Notorious FIN7 hackers return in Clop ransomware attacksA financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims’ networks. […]
19 May ASUS routers knocked offline worldwide by bad security updateASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity. […]
19 May Dish Network likely paid ransom after recent ransomware attackDish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. […]
19 May Luxottica confirms 2021 data breach after info of 70M leaks onlineLuxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. […]
18 May Cybercrime gang pre-infects millions of Android devices with malwareA cybercriminal tracked as the “Lemon Group” has been infecting millions of Android-based smartphones, watches, TVs, and TV boxes, with a malware strain named ‘Guerilla.’ […]
18 May KeePass exploit helps retrieve cleartext master password, fix coming soonThe popular KeePass password manager is vulnerable to extracting the master password from the application’s memory, allowing attackers who compromise a device to retrieve the password even with the database is locked. […]
18 May Apple fixes three new zero-days exploited to hack iPhones, MacsApple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. […]