Security News > 2023 > April

According to Mandiant, who has tracked APT43 since 2018, the threat actor aligns with the mission of the Reconnaissance General Bureau, the main foreign intelligence service from North Korea. In particular, malware and tools have been shared between APT43 and the infamous Lazarus threat actor.

Joe Burton, CEO of digital identity authentication company Telesign, spoke with TechRepublic about how the "Fuzzy" realm between statistical analysis and artificial intelligence can fuel global, fast and accurate identity management. Burton said the company is looking forward, with big plans to use new technologies and services powered by AI to set itself apart from competitors.

Following reports of a ransomware attack, Taiwanese PC vendor MSI confirmed today that its network was breached in a cyberattack. In a Friday filing with Taiwan's Stock Exchange, first spotted by PCMag, MSI revealed that some of its information service systems had been affected by a cyberattack reported to the relevant authorities.

An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "All known and recently discovered theme and plugin vulnerabilities" to inject a Linux backdoor that researchers named Balad Injector. According to website security company Sucuri, the Balad Injector campaign is the same one that Dr. Web reported in December 2022 to leverage known flaws in several plugins and themes to plant a backdoor.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

For-profit companies reportedly linked to sextortion activity are targeting victims using various deceptive tactics to pressure them into paying for "Assistance" services provided by non-profit agencies and law enforcement for free, the FBI warns. Sextortion is a digital extortion scheme where criminals use phishing emails or fake social media profiles to deceive potential victims into sharing explicit videos or images later used for blackmail.

In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns. "To promote their 'goods,' phishers create Telegram channels through which they educate their audience about phishing and entertain subscribers with polls like, 'What type of personal data do you prefer?'," Kaspersky web content analyst Olga Svistunova said in a report published this week.

Cryptocurrency thieves are targeting users of Chromium-based browsers - Google Chrome, Microsoft Edge, Brave Browser, and Opera - with an extension that steals credentials and can grab multi-factor authentication codes. Dubbed Rilide by Trustwave researchers, the extension mimics the legitimate Google Drive extension while, in the background, it disables the Content Security Policy, collects system information, exfiltrates browsing history, takes screenshots, and injects malicious scripts.

A handful of bugs in Nexx's smart home devices can be exploited by crooks to, among other things, open doors, power off appliances, and disable alarms. The five vulnerabilities affect Nexx garage door controllers with firmware version nxg200v-p3-4-1 and prior; Nexx smart plugs version nxpg100cv4-0-0 and prior; and Nexx smart alarms version nxal100v-p1-9-1 and prior.

Phishers are targeting YouTube content creators by leveraging the service's Share Video by Email feature, which delivers the phishing email from an official YouTube email address. The email informs the targets of a new monetization policy, new rules, and prompts them to view a video.