Security News > 2022 > October

The pro-Russian hacktivist group 'KillNet' has carried out large-scale DDoS attacks against several U.S. airports' websites, taking many of them offline. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.

Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control infrastructure to escape detection, according to new research from VMware. "The ongoing adaptation of Emotet's execution chain is one reason the malware has been successful for so long," researchers from VMware's Threat Analysis Unit said in a report shared with The Hacker News.

Since 2019, more US consumers have taken steps such as using stronger passwords for their home Wi-Fi networks, using multi-factor authentication, blocking or deleting all cookies on their web browsers, and deleting smartphone apps they suspect are collecting too much personal data or don't protect that data adequately, according to a study [PDF] by Aspen Digital Institute and Consumer Reports. The report comes out during National Cybersecurity Awareness Month, a program started in 2004 by the US Cybersecurity and Infrastructure Security Agency and National Cybersecurity Alliance to put a focus on what individuals can do to protect themselves against cyberthreats.

A still unpatched vulnerability in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. Zimbra Collaboration is a cloud-hosted collaboration software suite that also includes an email server component and a web client component.

This is a story of one piece of what is probably a complex employment scam. Basically, real programmers are having their resumes copied and co-opted by scammers, who apply for jobs, then hire other people with Western looks and language skills to impersonate those first people on Zoom job interviews.

Singtel has confirmed that another Australian business it owns, consulting unit Dialog, has fallen victim to a cyber burglary just weeks after the mammoth data leak at telco Optus was revealed. In a statement to the Singapore stock exchange, Singtel said intruders may have accessed company data "potentially affecting fewer than 20 clients and 1,000 current Dialog employees as well as former employees."

Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they use it in their applications. vm2 is the most popular JavaScript sandbox library, with around 17.5 million monthly downloads.

It said the Eternity group - also known as EternityTeam and Eternity Project - is offering the multifunction LilithBot malware through a dedicated Telegram group and a Tor link where cybercriminals can acquire various payloads via subscriptions. The malware-as-a-service group has been active since at least January, distributing a range of modules under the Eternity brand that - along with the stealer and miner malware - include ransomware, a distributed denial-of-service bot, worm and dropper, and a clipper that spoofs crypto addresses in wallets, the researchers wrote in a report.

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface code for Alder Lake, the company's 12th generation processors, which were originally launched in November 2021.

BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets. According to Binance CEO Changpeng Zhao, the exploit on the cross-chain bridge "resulted in extra BNB," prompting a temporary suspension of the Binance Smart Chain.