Short Summary:
Mobile apps are increasingly vulnerable due to the presence of hardcoded and unencrypted cloud service credentials in their codebases. This issue poses significant risks to user data and …
Author: Symantec
Short Summary:
The article discusses various tools and techniques used by attackers in the context of ransomware operations. It categorizes these tools into four main areas: Living off the Land, …
Short Summary:
Ransomware activity surged in Q2 2024, with a 36% increase in claimed attacks compared to Q1, totaling 1,310 incidents. The resurgence is attributed to the recovery of LockBit …
Short Summary:
The article emphasizes the critical need for mobile security, highlighting the risks associated with unencrypted data transmission in various apps. It discusses specific apps that expose sensitive user …
Short Summary:
A new backdoor known as Backdoor.Msupedge has been discovered, targeting a university in Taiwan. This backdoor employs DNS tunneling to communicate with its command-and-control server, utilizing a unique …
“`htmlShort Summary:
The article discusses the increasing trend of threat actors utilizing legitimate cloud services for their attacks, highlighting various espionage operations and malware tools that exploit these services. Notable …
Threat actors utilizing Large Language Model (LLM) AIs to generate code used in malware campaigns.
Read More
Symantec has observed an increase in attacks that appear to leverage Large Language Models (LLMs) …
Symantec reported a Daggerfly intrusion against a telecoms operator in Africa involving previously unseen plugins for MgBot.
Macma updateMacma is a macOS backdoor that was first documented by Google …
was the target of a U.S.-led law enforcement operation in December 2023. Although Noberus attempted to reestablish itself in the following weeks, it eventually closed in March 2024, citing the …
CVE-2024-26169) occurs in the Windows Error Reporting Service. If exploited on affected systems, it can permit an attacker to elevate their privileges. The vulnerability was patched on March 12, 2024, …
said it was responsible for an attack on Korea Hydro and Nuclear Power (KHNP). Multiple employees at KHNP were targeted with spear-phishing emails containing exploits that installed disk-wiping malware on …
Open-source tool that can legitimately be used to manage content in the cloud, but has been seen being abused by ransomware actors to exfiltrate data from victim machines. For an example …