
Launch an IT career after taking these eight courses for under $50
2022-09-28 17:48

This training bundle curated and taught by ITU Online focuses on eight certification exams.

Want to sneak a RAT into Windows? Buy Quantum Builder on the dark web
2022-09-28 17:00

Quantum Builder lets attackers create malicious Microsoft Windows LNK shortcuts. Quantum Builder has been linked to the advanced persistent threat gang Lazarus Group, based on shared tactics, techniques, and procedures and overlaps in source code, but researchers can't attribute the current campaign with any confidence to Lazarus or any particular threat group.

Google to test disabling Chrome Manifest V2 extensions in June 2023
2022-09-28 17:00

Google has announced more details regarding turning off support for the Google Chrome Manifest V2 extension as the company pushes more developers to transition to Manifest V3. An update from the Chrome team says that they will proceed in careful, experimental steps, ensuring a smooth end-user experience during the phase-out of Manifest V2 in June 2023. In January 2022, the Chrome Web Store stopped accepting new extensions built on Manifest V2. According to the original roll-out timeline released by Google a year ago, starting from January 2023, all extensions built on Manifest V2 would stop working on the Chrome browser.

Hacked Fast Company sends 'obscene and racist' alerts via Apple News
2022-09-28 16:30

Apple News shut down Fast Company's news channel after "an incredibly offensive alert" was sent to subscribers following a hack of the business publication on Tuesday evening. Fast Company's Apple News account was hacked on Tuesday evening.

Stealthy hackers target military and weapons contractors in recent attack
2022-09-28 16:06

Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The campaign stands out for its secure C2 infrastructure and multiple layers of obfuscation in the PowerShell stagers.

New Chaos malware infects Windows, Linux devices for DDoS attacks
2022-09-28 15:22

A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. Even though it mainly propagates by attacking devices unpatched against various security vulnerabilities and SSH brute-forcing, Chaos will also use stolen SSH keys to hijack more devices.

Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks
2022-09-28 15:05

Four vulnerabilities in the widely adopted 'Stacked VLAN' Ethernet feature allow attackers to perform denial-of-service or man-in-the-middle attacks against network targets using custom-crafted packets. Stacked VLANs, also known as VLAN Stacking, is a feature in modern routers and switches that allows companies to encapsulate multiple VLAN IDs into a single VLAN connection shared with an upstream provider.

Wazuh - The free and open source XDR platform
2022-09-28 14:06

Wazuh is a free and open source security platform that provides unified SIEM and XDR protection. Wazuh central components that analyze security data collected from the agents.

Multi-platform Chaos malware threatens to live up to its name
2022-09-28 14:00

Chaos, a new multipurpose malware written in the Go programming language, is spreading across the world. The prevalence of malware written in Go has increased dramatically in recent years due to the language's flexibility, low antivirus detection rates and the difficulty of reverse-engineering it, Black Lotus Labs analysts noted.

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
2022-09-28 14:00

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks," researchers from Lumen's Black Lotus Labs said in a write-up shared with The Hacker News.