A detailed technical outline of the experimental protocol, which its developers hope will attract wide-scale experimentation and interoperability, was published last week.
The cache of 18.5GB connection logs allegedly contained more than 25 million records, which included user device and Play Service IDs, connection timestamps, IP addresses and more.
The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victims to check if their data was stolen in an attack
Web3 users are being targeted under the SeaFlower operation that aims to infect users through imposter websites and SEO poisoning and black SEO techniques promoting fake crypto wallets. The attackers seem to be Chinese, according to hints such as the language of the comments in source code. To stay protected against such threats, cryptocurrency users […]
Dubbed Panchan by Akamai Security Research, the malware “utilizes its built-in concurrency features to maximize spreadability and execute malware modules” and “harvests SSH keys to perform lateral movement.”
Chinese state-sponsored Gallium APT group is using a new, difficult-to-detect RAT—PingPull—in its espionage campaigns. The RAT can leverage ICMP, raw TCP, and HTTP(S) protocols for C2 communication. The targeted entities are based in Australia, Russia, the Philippines, Belgium, Vietnam, Malaysia, Cambodia, and Afghanistan.
Alleged Iranian hackers were found targeting former Israeli officials, a former U.S. ambassador, the head of a security think tank, and high-ranking military personnel via spearphishing attacks. Reports in Israel also speculate that the campaign could be the work of Phosphorus, a prolific Iranian government-connected cyber-espionage group.
Tracked as CVE-2022-27511, the newly addressed security bug is described as an improper access control issue that could allow a remote, unauthenticated attacker to corrupt the system and trigger an administrator password reset.
The legislation identifies finance, telecommunications, energy and transportation sectors as being vital to national security and public safety, but stops short of naming any companies.
Researchers found a total of eight vulnerabilities in Carrier’s LenelS2 access control products using HID Mercury controllers. Out of eight flaws, seven were identified as critical. These can be exploited by hackers to remotely unlock doors and perform command injection, DoS conditions, information spoofing, and even deploying arbitrary files.