North Korean nation-state threat actor using Play ransomware A North Korean state-sponsored threat actor is suspected of collaborating with the Play ransomware gang in a September cyberattack, Palo Alto Networks Unit 42 reported Wednesday. The group tracked by Unit 42 as Jumpy Pisces, also known as Andariel, Onyx Sleet and Read more…
Windows Themes 0-day opens door to NTLM credential theft • The Register There’s a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people’s NTLM credentials. That’s the bad news. The good news: Acros Security’s 0patch has developed a free micropatch that it says fixes the Read more…
China rated Canada’s most aggressive cyber threat • The Register A report by Canada’s Communications Security Establishment (CSE) revealed that state-backed actors have collected valuable information from government networks for five years. The biennial National Cyber Threat Assessment described the People’s Republic of China’s (PRC) cyber operations against Canada as Read more…
New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics Oct 31, 2024Ravie LakshmananSpyware / Mobile Security Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its functionality, but also incorporates destructive capabilities to prevent the compromised device from booting Read more…
LottieFiles Issues Warning About Compromised “lottie-player” npm Package Oct 31, 2024Ravie LakshmananCryptocurrency / Software Development LottieFiles has revealed that its npm package “lottie-player” was compromised as part of a supply chain attack, prompting it to release an updated version of the library. “On October 30th ~6:20 PM UTC – LottieFiles Read more…
FakeCall malware menaces Android devices Threat actors are using an Android malware payload to pull off an elaborate social-engineering scam. Researchers with mobile security specialist Zimperium say that a piece of malware known as FakeCall is causing Android device owners to be tricked into handing over sensitive data. According to Read more…
Unveiling Hidden Threats to Corporate Identities Oct 31, 2024The Hacker NewsIdentity Security / Browser Security In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new Read more…
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites Oct 31, 2024Ravie LakshmananVulnerability / Website Security A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as Read more…
Russian spies using remote desktop protocol files to phish • The Register Microsoft says a mass phishing campaign by Russia’s foreign intelligence services (SVR) is now in its second week, and the spies are using a novel info-gathering technique. First spotted on October 22, Microsoft said in a report published Read more…
Here’s the paper no one read before declaring the demise of modern cryptography PRESENT, GIFT64, and RECTANGLE: All three are lightweight block ciphers designed for use in “constrained” environments, such as those in embedded systems that require more speed and fewer computational resources than is possible using AES. All three Read more…