A group of 40 state attorneys general have sent a letter to Instagram and Facebook parent company Meta expressing “deep concern” over what they say is dramatic uptick of consumer complaints about account takeovers and lockouts.

The attorneys general called on Meta to do a better job preventing account takeovers — when malicious actors take a users’ accounts, lock them out by changing their passwords, and post their own material, read private messages, scam contacts and engage in other harmful or illegal behavior.…

Read More

Apple has released emergency security updates to fix two critical iOS zero-day vulnerabilities that cyberattackers are actively using to compromise iPhone users at the kernel level.

According to Apple’s security bulletin released March 5, the memory-corruption bugs both allow threat actors with arbitrary kernel read and write capabilities to bypass kernel memory protections:

CVE-2024-23225: Found in the iOS Kernel

CVE-2024-23296: Found in the RTKit component

While Apple, true to form, declined to offer additional details, Krishna Vishnubhotla, vice president of product strategy at mobile security provider Zimperium, explains that flaws like these present exacerbated risk to individuals and organizations.…

Read More

The US cybersecurity agency CISA on Tuesday added flaws impacting Pixel phones and Sunhillo software to its Known Exploited Vulnerabilities (KEV) catalog. 

The exploited Pixel vulnerability is tracked as CVE-2023-21237. When it patched the flaw in June 2023, Google warned that it had been aware of “limited, targeted exploitation”, but the company published its security bulletin for Pixel phones a week after the general Android security bulletin and CVE-2023-21237 went unnoticed. …

Read More

Mar 06, 2024NewsroomPrivacy / Spyware

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing” commercial spyware designed to target government officials, journalists, and policy experts in the country.…

Read More

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones.

“Apple is aware of a report that this issue may have been exploited,” the company said in an advisory issued on Tuesday.

The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with arbitrary kernel read and write capabilities to bypass kernel memory protections.…

Read More

The U.S. has imposed sanctions on two individuals and five entities linked to the development and distribution of the Predator commercial spyware used to target Americans, including government officials and journalists.

“Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated two individuals and five entities associated with the Intellexa Consortium for their role in developing, operating, and distributing commercial spyware technology used to target Americans, including U.S.…

Read More

Mar 02, 2024NewsroomSpyware / Privacy

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor.

The decision, which marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately 1,400 mobile devices between April and May.…

Read More

New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in at least eleven countries, including Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, the Philippines, Saudi Arabia, and Trinidad and Tobago.…

Read More
Key Points Avast discovered an in-the-wild admin-to-kernel exploit for a previously unknown zero-day vulnerability in the appid.sys AppLocker driver.  Thanks to Avast’s prompt report, Microsoft addressed this vulnerability as CVE-2024-21338 in the February Patch Tuesday update.  The exploitation activity was orchestrated by the notorious Lazarus Group, with the end goal of establishing a kernel read/write primitive. …
Read More

In Q4 2023, the MS-ISAC reported changes in the Top 10 Malware, with SocGholish remaining the most prevalent, comprising 60% of incidents. New entries included Arechclient2 and Pegasus, while Malvertisement emerged as the leading infection vector. The report emphasizes the importance of understanding malware behavior and infection methods to enhance cybersecurity defenses.…
Read More

When we talk about the term “fake news,” most people likely picture a certain person who made the term infamous. 

And when we talk about misinformation and disinformation, many will remember the “Russian troll farms” that popped up during the 2016 U.S. presidential election and were unmasked and shut down during former president Barack Obama’s final days in office. …

Read More

Published On : 2024-02-13

EXECUTIVE SUMMARY

In this report, we discuss the recently observed XSSLite Stealer that is being discussed within multiple hacking communities. It was released as part of a malware development competition (XSSWare) hosted by the infamous Russian hacking community; XSS. The developer of the stealer has shared the source code of the project and hinted that he is moving on to another project.…

Read More
Key Takeaways  As per our initial observations, this campaign employs language-specific HTML files to trap unsuspecting victims, tailoring its approach based on linguistic nuances.  Through the strategic embedding of zip archives within HTML files, the campaign orchestrates a series of intricate infiltration maneuvers, evading detection and executing malicious payloads. …
Read More
10 Billion Attacks Blocked in 2023, Qakbot’s Resurrection, and Google API Abused Foreword

Welcome to the new edition of our report. As we bid farewell to the year 2023, let’s briefly revisit the threat landscape that defined the past year. In 2023, the overall number of unique blocked attacks surged, reaching an unprecedented milestone of more than 10 billion attacks and a remarkable 49% increase year-over-year.…

Read More