Financial Fraud APK Campaign

During Unit 42 ivestigation discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting their radar. The research revealed a family of malicious APKs targeting Chinese users that steals victim Read More …

Dallas says cyberattack targeted more people than previously disclosed

Hackers who targeted the city of Dallas had access to the addresses, Social Security numbers and other personal information of nearly 300 more people than what had been previously disclosed to the public, city officials now say. The city’s spokesperson Read More …

Weaponizing Apache OFBiz CVE-2023-51467

On December 26, SonicWall disclosed an authentication bypass affecting Apache OFBiz. SonicWall demonstrated the vulnerability, assigned CVE-2023-51467, by accessing the protected HTTP endpoint /webtools/control/ping without authentication. While that proved the vulnerability existed, it did not demonstrate arbitrary code execution. However, Read More …

Swiss government accused of massive online surveillance

The Swiss Federal Intelligence Service (SRC) is allegedly monitoring the digital activities of the Swiss population, particularly on their mobile phones and computers, according to the German-language magazine Republik.ch on Tuesday. What’s more, Swiss spies are said to be storing Read More …

Distributed Energy Generation Gateway (In)Security

Distributed energy generation (DEG) is a term used to describe the shift from centralized energy generation, such as power companies, to a source — typically a renewable energy source — closer to the user. It is most often seen in Read More …

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used virtual private network appliance sold by Ivanti, researchers said Wednesday. Ivanti reported Read More …

Atomic Stealer rings in the new year with updated version

Last year, Malwarebytes Labs researchers documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding Read More …

Texas-based care provider HMG Healthcare says hackers stole unencrypted patient data

Texas-based care provider HMG Healthcare has confirmed that hackers accessed the personal data of residents and employees, but says it has been unable to determine what types of data were stolen. HMG Healthcare is headquartered in The Woodlands, Texas, and Read More …