Aug 06, 2024Ravie LakshmananMalware / Windows Security The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024,…
Read More
A massive cyberattack targeting Mobile Guardian, a UK-based mobile device management (MDM) firm, has caused widespread disruption to schools and businesses worldwide, including North America, Europe, and Singapore. The incident has resulted in the loss of data and remote wiping of iOS and ChromeOS devices for thousands of users. Mobile Guardian has acknowledged the global…
Read MoreA Better Investigatory Board for Cyber Incidents When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of…
Read More
Aug 06, 2024Ravie LakshmananAndroid / Malware Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid…
Read More
In the world of cybersecurity, as everywhere else, AI and generative AI are top of mind. Malicious actors are using AI and genAI to create more insidious malware, more convincing phishing emails, and more realistic deepfakes. At the same time, vendors are fighting back by incorporating AI capabilities into their cybersecurity tools. The goal is…
Read More
Ransomware Response: Best Practices for Businesses Becoming the target of a ransomware attack is something no organization likes to think about, but it’s increasing likely for many firms. According to Statista, almost three-quarters of businesses (72.7 percent) were affected by ransomware last year. This means it’s essential for every company to make a ransomware response…
Read More
Aug 06, 2024Ravie LakshmananMobile Security / Vulnerability Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. “There are indications that CVE-2024-36971 may be under limited, targeted…
Read More
Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances. Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a…
Read More
Image: MidjourneyAndroid security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. The zero-day, tracked as CVE-2024-36971, is a use after free (UAF) weakness in the Linux kernel’s network route management. It requires System execution privileges for successful exploitation and allows altering the behavior of certain network connections.…
Read More
At a fireside chat at SIGGRAPH 2024 in Denver last week, Nvidia CEO Jensen Huang talks about how AI will impact jobs, why Nvidia’s success happened against major odds, and why he believes GPUs and generative AI will reduce energy consumption on the Internet. Jensen Huang has led Nvidia to become one of the world’s…
Read More