Security News

Microsoft has patched a vulnerability that exposed 38TB of private data from its AI research division. The repository held 38TB of private data, secrets, private keys, passwords and the open-source AI training data.

The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect devices with their signature remote access trojan, 'CapraRAT.'. APT36 is a Pakistan-aligned threat actor known for using malicious or laced Android apps to attack Indian defense and government entities, those dealing with Kashmir region affairs, and human rights activists in Pakistan.

Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023. "Between February and July 2023, Peach Sandstorm carried out a wave of password spray attacks attempting to authenticate to thousands of environments," the Microsoft Threat Intelligence team said.

Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.The security breach was discovered by Rollbar on September 6 when reviewing data warehouse logs showing that a service account was used to log into the cloud-based bug monitoring platform.

A report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin, $6 million in Bitcoin , and approximately $295,000 in. A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document.

A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network. Researchers say in a report today that the new malware "Has only been used in a limited fashion" and it was a ransomware affiliate's fallback when defense mechanisms blocked LockBit.

In its 2023 Mid-Year Cyber Security Report, Check Point Software spotlighted numerous exploits so far this year, including novel uses of artificial intelligence and an old-school attack vector: USB drives. Check Point also reported that state-aligned threat actors are even launching 10-year-old infections such as ANDROMEDA via USB drives.

Although ShadowPad is a widely available trojan that multiple APT groups use, Symantec tracks the recent attacks separately, reporting that Redfly appears to have an exclusive focus on critical national infrastructure. The ShadowPad variant seen in the attacks masquerades its components as VMware files, dropping them on the victim's filesystem.

Bruschetta-Board is a device for all hardware hackers looking for a fairly-priced all-in-one debugger and programmer that supports UART, JTAG, I2C & SPI protocols and allows to interact with different targets' voltages. A handy feature of Bruschetta-Board is the fact it mounts level shifters.

A nation-state threat actor known as 'Charming Kitten' has been observed deploying a previously unknown backdoor malware named 'Sponsor' against 34 companies around the globe. One of the notable features of the Sponsor backdoor is that it hides its otherwise innocuous configuration files on the victim's disk so they can be discreetly deployed by malicious batch scripts, successfully evading detection.