Hyatt’s team recently identified a rogue USB drive used to install the Raspberry Robin malware, which acts as a launchpad for subsequent attacks and gives bad actors the ability to fulfil the three key elements of a successful attack — establish a presence, maintain access and enable lateral movement. “Because it has a loader capability,…
May 14, 2024 | Newsroom | Location Tracking / Privacy: Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. “This will help mitigate the misuse of devices designed…
Apply the stable channel update provided by Apple to vulnerable systems immediately after appropriate testing. (M1051: Update Software)
o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
o …
A new package mimicked the popular ‘requests’ library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate networks. Discovered by Phylum, the campaign involves several steps and obfuscation layers, including using steganography in a PNG image file to covertly install the Sliver payload on…
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. In security advisories published today, Apple once again said they’re aware of reports that this vulnerability “may have been actively exploited.” The flaw is a memory corruption issue in Apple’s RTKit real-time…
apache_software_foundation — apache_inlong | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong’s 1.12.0 or cherry-pick [1], [2] to solve it. [1] https://github.com/apache/inlong/pull/9694 [2] https://github.com/apache/inlong/pull/9707 | 2024-05-08 | not yet calculated | CVE-2024-26579 | security@apache.org
apache_software_foundation — apache_ofbiz | Improper…
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor ‘Royal Tiger,’ a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns. Royal Tiger, a group of bad actors operating from India, the United Kingdom, the United Arab Emirates, and the…
A cybercriminal using the name “salfetka” claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023. INC has previously targeted the U.S. division of Xerox Business Solutions (XBS), Yamaha Motor Philippines, and, more recently, Scotland’s National Health Service (NHS). Simultaneously with the alleged sale, the INC Ransom operation is undergoing changes that…
New real-time observability and anomaly detection, along with a new write API for data integration, expands the range of potential applications for StarTree Cloud. Real-time analytics platform developer StarTree is bolstering its StarTree Cloud system with new observability and anomaly detection capabilities, along with the introduction of a new write API that facilitates real-time data…
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. As New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) warned on Friday, the attackers use ZIP attachments containing an executable that deploys the LockBit Black payload, which encrypts the recipients’ systems if launched. The LockBit…