New iOS vulnerability allows executing a zero-click malware delivery through the built-in iMessage messenger. The breach was discovered by Kaspersky analytics team, and appears to touch almost every user of Apple smartphones. Experts dubbed the malware “Triangulation”. iOS Exploit Allows Zero-Click Infection Probably, the worst case scenario for any target of cyberattack is the infection… Continue reading New iOS Vulnerability Allows “Triangulation” Attack
Tag: News
PaperCut Vulnerability Allows RCE, Exploited in the Wild
PaperCut, a software solution used for print management, appears to be vulnerable to remote code execution (RCE). Another security violation that popped out along with the former allows extracting user data from the profiles created in the program. The RCE vulnerability is already used in cyberattacks. What is PaperCut? PaperCut is a print management solution,… Continue reading PaperCut Vulnerability Allows RCE, Exploited in the Wild
Genesis Market Seized by FBI
Genesis Market, a Darknet marketplace for stolen information, was reportedly seized by the FBI on Tuesday, April 4, 2023. The operation was likely preceded by the detainment of the market’s significant actors. The overall operation is called “Cookie Monster”. What is Genesis Market? Genesis is a Darknet marketplace that has been active since 2018. Aside… Continue reading Genesis Market Seized by FBI
Ransomware Actors Target IBM’s Aspera Faspex
File transfer utility Aspera Faspex, developed by IBM, became a riding mare of cybercriminals. A vulnerability discovered in the past year is exploited to deploy various ransomware samples. Key threat actors using that breach are IceFire, Shadowserver and Buhti. The issue allows arbitrary code execution, and touches all app versions before Faspex 4.4.2 PL2. What… Continue reading Ransomware Actors Target IBM’s Aspera Faspex
3CX Phone System is Struck With Chain Supply Attack
3CX Phone System, a desktop app for business phone communication, fell victim to a supply chain attack. Recent updates deliver a forged version of the application that makes it possible to install stealer malware. The actual payload is getting delivered in a 3-stage manner, which makes it harder to track. What is the 3CX Phone… Continue reading 3CX Phone System is Struck With Chain Supply Attack
Linus Tech Tips YouTube Channel Hacked
Linus Tech Tips, a YouTube 15-million tech channel, was hacked and then used to spread a cryptocurrency scam. It happened around March 23, 2023, and could have led to massive victims among channel subscribers. YouTube has already taken care of the channel by suspending it. Who is Linus Tech Tips? Linus Tech Tips is a… Continue reading Linus Tech Tips YouTube Channel Hacked
New Acer Breach Exposes 160GB of Data
Companies tend to hide the case of a cybersecurity breach – for certain reasons, it may be for their good. However, it is not particularly easy to hide an elephant in the room. Acer Incorporated, the Taiwan-based electronic manufacturer fell a victim to yet another breach – and this was uncovered by a fraudster selling… Continue reading New Acer Breach Exposes 160GB of Data
A WSO2 Vulnerability is Fraught with Remote Code Execution
The products by WSO2, an open-source API, applications, and web services provider, have been attacked in the wild through the CVE-2022-29464 vulnerability detected back in April 2022. This vulnerability allows attackers to execute malicious code remotely via unhindered file uploading. The scheme of the attack begins with web shell installation through *.jsp or *.war files… Continue reading A WSO2 Vulnerability is Fraught with Remote Code Execution
The 5 Most Famous Spyware Attacks
Spyware can be called the most sophisticated malware these days. It never acts openly, uses tricky techniques, and appears more often with other viruses. Together with its brother-in-law – stealer malware – spyware helps the cyber criminals to find and exfiltrate the data from attacked corporations. Moreover, ransomware that aims at individuals (exactly, STOP/Djvu family)… Continue reading The 5 Most Famous Spyware Attacks