Cyber Security News


  • Alpha Ransomware Emerges From NetWalker Ashes

    February 16, 2024

    Alpha, a new ransomware that first appeared in February 2023 and stepped up its operations in recent weeks, has strong similarities to the long-defunct NetWalker ransomware, which disappeared in January 2021 following an international law enforcement operation. The NetWalker Connection: Analysis of Alpha reveals significant similarities with the old NetWalker ransomware. Both threats use a similar ...

  • Microsoft Exchange vulnerability actively exploited

    February 16, 2024

    As it turns out, there was another actively exploited vulnerability included in Microsoft’s patch Tuesday updates for February. When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding. Soon after they changed the status to “Exploitation Detected”. The Exchange vulnerability is listed in the ...

  • China: Foreign cyber spies attack information systems of key departments, enterprises, stealing sensitive data

    February 16, 2024

    China’s Ministry of State Security warned on Friday that in recent years, national security agencies have discovered that foreign cyber spies have continuously attacked the information systems of key departments and enterprises within China, resulting in the theft of important sensitive data and posing a threat to China’s data security and cybersecurity. The ministry released an ...

  • Dead Man’s Fingers maker cuts over 500 jobs and enters the red after cyber attack hits sales

    February 16, 2024

    The maker of Crabbie’s Ginger Beer and Dead Man’s Fingers spiced rum shed more than 500 jobs and entered the red after its sales were hit by a cyber attack, it has been revealed. Halewood Artisanal Spirits, whose brands also include Whitley Neill Gin, Liverpool Gin and Samuel Gelston’s Irish whiskey, has posted a turnover of ...

  • U.S. conducted cyberattack on suspected Iranian spy ship

    February 16, 2024

    The United States recently conducted a cyberattack against an Iranian military ship that had been collecting intelligence on cargo vessels in the Red Sea and the Gulf of Aden, according to three U.S. officials. The operation was intended to inhibit the Iranian ship’s ability to share intelligence with Houthi rebels in Yemen who have been firing ...

  • Android/SpyNote Moves to Crypto Currencies

    February 15, 2024

    Like much Android malware today, this malware abuses the Accessibility API. This API is used to automatically perform UI actions. For example, the malicious sample uses the Accessibility API to record device unlocking gestures. What is new is that this SpyNote sample uses the Accessibility API to target famous crypto wallets. Source: Fortinet

  • Spyware startup Variston is losing staff – some say it’s closing

    February 15, 2024

    In July 2022, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Microsoft Defender. That code was part of an exploitation framework called Heliconia. And at the time, the exploits used to target those applications were zero-days, meaning the software makers were unaware of the bugs, ...

  • Facebook Marketplace users’ stolen data offered for sale

    February 15, 2024

    A cybercriminal was allegedly able to steal a partial database after hacking the systems of a Meta contractor. The leak consists of around 200,000 records that contain names, phone numbers, email addresses, Facebook IDs, and Facebook profile information of the affected Facebook Marketplace users. Source: Malwarebytes Labs

  • BMW security lapse exposed sensitive company information, researcher finds

    February 14, 2024

    A misconfigured cloud storage server belonging to automotive giant BMW exposed sensitive company information, including private keys and internal data, TechCrunch has learned. Can Yoleri, a security researcher at threat intelligence company SOCRadar, told TechCrunch that he discovered the exposed BMW cloud storage server while routinely scanning the internet. Source: TechCrunch

  • Riding Dragons: capa Harnesses Ghidra

    February 14, 2024

    capa is the FLARE team’s open source tool that detects capabilities in executable files. Ghidra is an open source software reverse engineering framework created and maintained by the National Security Agency Research Directorate. With the release of capa v7, Mandiant researchers have integrated capa with Ghidra, bringing capa’s detection capabilities directly to Ghidra’s user interface. With ...