Sep 06, 2023THNZero Day / Mobile Security Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android Framework. “There […]
Hackers have stolen over $40m in cryptocurrency from the self-styled “world’s leading betting platform,” the firm has revealed. Curaçao-headquartered Stake.com offers casino and sports betting for players using cryptocurrency. However, the firm flagged on Monday that it had spotted unauthorized transactions being made from its Ethereum (ETH) and Binance Smart Chain (BSC) hot wallets. “We […]
Sep 06, 2023THNCyber Threat / Malware The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply […]
Not one, not two, but three open-source software registries have come under attack at once in an organized cybercrime operation aimed at macOS users. A criminal group has uploaded harmful packages to PyPI, NPM, and RubyGems repositories to target respective developers. What happened? While scrutinizing the source code and metadata of registry-pushed packages, cybersecurity experts […]
Since September 2022, our team has been tracking a bogus URL shortener redirect campaign that started with just a single domain: ois[.]is. By the beginning of 2023, this malware campaign had expanded to over a hundred domain names to redirect traffic to low quality Q&A sites and monetize traffic via Google AdSense. In fact, since […]
Security researchers have discovered what they described as a critical vulnerability in the relatively widely used PHPFusion open source content management system (CMS). The authenticated local file inclusion flaw, identified as CVE-2023-2453, allows for remote code execution if an attacker can upload a maliciously crafted “.php” file to a known path on a target system. […]
Affected platforms: Microsoft WindowsImpacted parties: Windows UsersImpact: Collects sensitive information from a victim’s computerSeverity level: Critical Our FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS). […]
ASUS routers are affected by three critical remote code execution flaws Pierluigi Paganini September 06, 2023 Three critical remote code execution vulnerabilities in ASUS routers potentially allow attackers to hijack the network devices. ASUS routers RT-AX55, RT-AX56U_V2, and RT-AC86U are affected by three critical remote code execution vulnerabilities that can potentially allow threat actors to […]
Hacker group GhostSec is disclosing the source code for software developed by the Iranian FANAP group, alleging it to be surveillance software used by the Iranian state on its own citizens. The group claims to have cracked FANAP group’s proprietary code, and has analyzed around 26GB of compressed data which it is releasing a file at a […]