Google’s March 2020 security updates for Android address over 70 flaws, including a critical vulnerability that affects the media framework. Google’s March 2020 security updates for Android include the fix for a critical vulnerability, tracked as CVE-2020-0032, that affects the media framework as part of the 2020-03-01 security patch level. The 2020-03-01 security patch level fixed 11 vulnerabilities […]
Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. According to the firm, the US cyber spies are targeting various industry sectors […]
Cybaze-Yoroi ZLab analyzed a new implant employed by a North Korea-linked APT group, tracked as Kimsuky, in attacks on South Korea. Introduction Recently we have observed a significant increase in state-sponsored operations carried out by threat actors worldwide. APT34, Gamaredon, and Transparent Tribe are a few samples of the recently uncovered campaigns, the latter was spotted after four […]
The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files […]
The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. The US Treasury Department and the Department of Justice have imposed sanctions and charged two Chinese nationals, Tian Yinyin ( 田寅寅) and Li Jiadong (李家东), for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been […]
Cisco has decided to extend its business licenses for the free Webex account that will be available for 90-day due to Coronavirus/COVID-19 outbreak. Cisco has announced an enhancement of its free Webex account offerings and is offering free 90-day business licenses to limit the spread of Coronavirus. WebEx is a popular web conferencing and videoconferencing […]
Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. The mobile app allows users to refill prescriptions by scanning barcode, manage medications with Pill Reminder, set Rx alerts for refills […]
Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […]
Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group.Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group. Introduction In November 2018, researchers from Cisco Talos […]
SurfingAttack is an attacking technique that allows to wake up mobile device and control them using voice commands encoded in ultrasonic waves. SurfingAttack is a hacking technique that sees voice commands encoded in ultrasonic waves silently activate a mobile phone’s digital assistant. The technique could be used to do several actions such as making phone […]