Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
2023-03-29 13:52

A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group has revealed. Upon clicking, the URLs redirected the recipients to web pages hosting exploits for Android or iOS, before they were redirected again to legitimate news or shipment-tracking websites.

Microsoft unveils AI-powered Security Copilot analysis tool
2023-03-29 13:03

Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations professionals' work. Security Copilot takes the form of a prompt bar through which security operation center analysts ask questions in natural language and receive practical responses.

Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
2023-03-29 12:01

An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. "The rootkit has a limited set of features, mainly installing a hook designed for hiding itself."

Google finds more Android, iOS zero-days used to install spyware
2023-03-29 12:00

Google's Threat Analysis Group discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' devices. The attackers targeted iOS and Android users with separate exploit chains as part of a first campaign spotted in November 2022.

Smart Mobility has a Blindspot When it Comes to API Security
2023-03-29 11:43

WAF is not enough: developing a contextual framework for smart mobility API security. Smart mobility services have always been monitoring and securing API transactions to avoid revenue loss due to fraud, service downtime, and the compromise of organizational or users' private data.

How to Build a Research Lab for Reverse Engineering — 4 Ways
2023-03-29 11:43

In this article, we'll look at 4 ways to create a reverse engineering lab, discuss how to save time and, potentially, improve the detection rate using a cloud service, and give a recommended list of tools for a comprehensive setup. In essence, a malware analysis lab provides a safe, isolated space for examining malware.

The Security Vulnerabilities of Message Interoperability
2023-03-29 11:03

The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. How will the networks manage keys, authenticate users, and moderate content? How much metadata will have to be shared, and how?

FTX cryptovillain Sam Bankman-Fried charged with bribing Chinese officials
2023-03-29 10:24

US authorities have charged FTX co-founder Sam Bankman-Fried with attempting to bribe Chinese officials with $40 million worth of cryptocurrency in exchange for unfreezing trading accounts. The indictment alleges the Chinese government froze over $1 billion worth of Alameda Research digital assets and that after SBF tried to secure access he broke out the checkbook.

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware
2023-03-29 09:17

Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors can be silent for years, show no network activity or any other signs of presence until the disastrous day when they replace a crypto wallet address," Vitaly Kamluk, director of global research and analysis team for APAC at Kaspersky, said.

DDoS DNS attacks are old-school, unsophisticated … and they’re back
2023-03-29 08:34

Cloudflare research showed a "massive spike" in application layer DDoS attacks in Q1 2022, while network layer attacks also jumped substantially. The DDoS attacks themselves are getting bigger, says Klaus Darilion, head of operations of the anycast service RcodeZero DNS, because the internet itself is getting bigger and attackers have more bandwidth to play with.