A threat actor claimed that they have an access to Coinbase with ability to check the balance of any account. The advertisement shared in Telegram group. Coinbase is a leading cryptocurrency exchange platform founded in 2012, headquartered in the United States. It allows users to buy, sell, and store various cryptocurrencies like Bitcoin, Ethereum, and…
Read More
Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. This fix comes only three days after Google addressed another zero-day vulnerability in Chrome, CVE-2024-4671, caused by a use-after-free weakness in the Visuals component. The latest bug is tracked as CVE-2024-4761. It is an…
Read More
Hyatt’s team recently identified a rogue USB drive used to install the Raspberry Robin malware, which acts as a launchpad for subsequent attacks and gives bad actors the ability to fulfil the three key elements of a successful attack — establish a presence, maintain access and enable lateral movement. “Because it has a loader capability,…
Read More
May 14, 2024NewsroomLocation Tracking / Privacy Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. “This will help mitigate the misuse of devices designed…
Read MoreApply the stable channel update provided by Apple to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read More
A new package mimicked the popular ‘requests’ library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate networks. Discovered by Phylum, the campaign involves several steps and obfuscation layers, including using steganography in a PNG image file to covertly install the Sliver payload on…
Read More
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. In security advisories published today, Apple once again said they’re aware of reports that this vulnerability “may have been actively exploited.” The flaw is a memory corruption issue in Apple’s RTKit real-time…
Read Moreapache_software_foundation — apache_inlong Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong’s 1.12.0 or cherry-pick [1], [2] to solve it. [1] https://github.com/apache/inlong/pull/9694 [2] https://github.com/apache/inlong/pull/9707 2024-05-08 not yet calculated CVE-2024-26579security@apache.orgsecurity@apache.org apache_software_foundation — apache_ofbiz Improper…
Read More
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor ‘Royal Tiger,’ a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns. Royal Tiger, a group of bad actors operating from India, the United Kingdom, the United Arab Emirates, and the…
Read More
A cybercriminal using the name “salfetka” claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023. INC has previously targeted the U.S. division of Xerox Business Solutions (XBS), Yamaha Motor Philippines, and, more recently, Scotland’s National Health Service (NHS). Simultaneously with the alleged sale, the INC Ransom operation is undergoing changes that…
Read More