Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues. With over 50,000 active installations, the plugin developed by smp7 and wp.insider is widely used for custom membership management on WordPress sites. The flaws identified by Patchstack security researchers include
Sep 27, 2023THNMalware / Cyber Attack A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a “high technical level and cautious attack attitude,” adding that “the phishing attack activity captured this
Xenomorph malware has reemerged in a new distribution campaign, expanding its scope to target over 30 US banks along with various financial institutions worldwide. Cybersecurity analysts from ThreatFabric recently uncovered this resurgence, which relies on deceptive phishing webpages posing as a Chrome update to trick victims into downloading malicious APKs. Xenomorph first came to the
Dear Naked Security readers, Firstly, thank you for your interest, your time, and your contributions to the Naked Security community. Your invaluable engagement and expertise have helped improve cybersecurity for everyone. We have recently added the extensive catalog of Naked Security articles to the Sophos News blog platform, enabling us to provide all Sophos security
Sep 26, 2023THNEndpoint Security / Password Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric
Unit 42 researchers have unveiled a web of complex cyber-espionage attacks targeting a government in Southeast Asia. While initially thought to be the work of a single threat actor, the researchers discovered that the attacks were orchestrated by three separate and distinct clusters of threat actors. These espionage operations, occurring simultaneously or nearly so, affected
Sep 25, 2023THNCyber Attack / Phishing Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. “Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service
For years, the Middle East has maintained its reputation as a fertile ground for advanced persistent threats (APTs). In the midst of routine monitoring of suspicious activities on the systems of high-profile customers, some based in this region, ESET Research stumbled upon a very sophisticated and unknown backdoor that we have named Deadglyph. We derived
Security researchers at SentinelLabs, in collaboration with QGroup, have unveiled a new threat actor known as Sandman. This unidentified group has been launching targeted attacks on telecommunications providers in regions including the Middle East, Western Europe and South Asia. According to an advisory published by SentinelLabs on Thursday, Sandman’s tactics are marked by stealthy lateral movements
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. “The targeting took place after Eltantawy publicly stated his plans to run
Video Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups 22 Sep 2023 The lineup of speakers at this year’s edition of LABScon featured two ESET malware researchers who took to the stage to deconstruct sophisticated attacks conducted by two well-known APT groups.
The year 2023 has seen a surge of over 700 advertisements on the dark web offering Distributed Denial of Service (DDoS) attacks through Internet of Things (IoT) devices, suggests a new report by Kaspersky. These services come at varying price points, depending on factors like DDoS protection and verification on the target’s end, ranging from
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. “Deadglyph’s architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly,” ESET
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Football League (NFL), Allegiant Stadium and Super Bowl LVIII partners, has conducted a cybersecurity tabletop exercise this week in preparation for Super Bowl LVIII. The exercise aimed to assess and enhance cybersecurity response capabilities, plans and procedures for the upcoming event. The Super
Sep 22, 2023THNMalware / Cyber Threat An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. “The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering
ESET researchers have analyzed two campaigns by the OilRig APT group: Outer Space (2021), and Juicy Mix (2022). Both of these cyberespionage campaigns targeted Israeli organizations exclusively, which is in line with the group’s focus on the Middle East, and used the same playbook: OilRig first compromised a legitimate website to use as a C&C
The UK government has announced its decision to establish a data bridge with the US, enabling the free flow of personal data between the two regions. Adequacy regulations have been laid out in the UK Parliament on September 21, 2023, to give effect to this decision, with the regulations due to come into force from
Sep 21, 2023THNBotnet / Cyber Threat The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. “This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware’s developers
The average annual cost of insider risk incidents has risen to $16.2m per organization in 2023, up from $15.4m in 2022, according to DTEX and the Ponemon Institute’s latest Cost of Insider Risks report. This represents a 40% rise over four years. The research also found that the number of insider incidents has increased to
Sep 20, 2023THNCyber Crime / Dark Web Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. “The site operated as a hidden service in the encrypted TOR network,” the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. “The
A Chinese-linked threat actor known as ‘Earth Lusca’ has been conducting cyber espionage campaigns against governments around the world via a previously unknown Linux backdoor, according to an analysis by Trend Micro. The researchers, Joseph C Chen and Jaromir Horejsi, revealed they had been tracking the group since an initial publication about its activities in
Sep 19, 2023THNMalware / Cyber Threat Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop. “HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming
We Live Progress Once you’ve made it past the initial screening process and secured that all-important interview, it’s time to seal the deal. These 10 tips will put you on the right track. Phil Muncaster 18 Sep 2023 • , 6 min. read The cybersecurity industry has a shortfall of 3.4 million professionals worldwide. But
Malicious actors have stolen more than $1m in a ‘pig butchering’ cryptocurrency scam in just three months, researchers from Sophos have found. The highly sophisticated operation used a total of 14 domains and dozens of nearly identical fraud sites, according to the investigation. The attackers utilized fake trading pools of cryptocurrency from decentralized finance (DeFi)
Sep 18, 2023THNCloud Security / Cryptocurrecy A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. “The AMBERSQUID operation was able
A major data breach at Airbus revealed earlier this week stemmed from a RedLine info-stealer likely hidden in a pirated copy of Microsoft software, according to researchers. The European aerospace giant said it has launched an investigation into the incident. “As a major high-tech and industrial player, Airbus is also a target for malicious actors,”
Sep 17, 2023THNCryptocurrency / Cyber Attack The North Korea-affiliated Lazarus Group has stolen nearly $240 million in cryptocurrency since June 2023, marking a significant escalation of its hacks. According to multiple reports from Certik, Elliptic, and ZachXBT, the infamous hacking group is said to be suspected behind the theft of $31 million in digital assets
China’s malicious cyber activity informs its preparations for a potential military conflict with the US, a new report from the Department of Defense (DoD) has claimed. The agency’s 2023 Cyber Strategy highlighted the People’s Republic of China (PRC) and Russia’s embrace of malicious cyber activity “as a means to counter US conventional military power and
Sep 16, 2023THNPrivacy / Technology The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union’s General Data Protection Regulation (GDPR) in relation to its handling of children’s data. The investigation, initiated in September 2021, examined how the popular short-form video platform processed personal data
Four out of five (80.3%) security vulnerabilities observed in organizations across all sectors come from a cloud environment, Palo Alto Networks’ Unit 42 found in its latest Attack Surface Threat Research. The report, published on September 14, 2023, outlined the most common cloud security flaws, of which 60% come from web framework takeover (22.8%), remote
- 1
- 2
- 3
- …
- 98
- Next Page »