Security News

IcedID malware, in the hijacked email thread, with the insecure Exchange servers
2022-03-29 01:56

Cyber-criminals are using compromised Microsoft Exchange servers to spam out emails designed to infect people's PCs with IcedID,. It popped up last year when crooks hijacked a BP Chargemaster domain to spam out emails to spread IcedID. On Monday, Fortinet's FortiGuard Labs said it observed an email sent to a Ukrainian fuel company with a.zip containing a file that when opened drops IcedID on the PC. Security vendor Intezer also on Monday said it had seen unsecured Microsoft Exchange servers spamming out IcedID emails.

Has Trickbot gang hijacked your router? This scanner may have an answer
2022-03-17 20:51

Microsoft has published a tool that scans for and detects MikroTik-powered Internet-of-Things devices that have been hijacked by the Trickbot gang. The open-source scanner comes after an investigation by Redmond's Defender for IoT research team into how the nefarious malware crew takes over MikroTik routers and sets them up to funnel communications to and from Trickbot-infected computers on the network and the criminals' backend servers.

Widely used UPS devices can be hijacked and destroyed remotely
2022-03-08 11:12

Three vulnerabilities in ubiquitous APC Smart-UPS devices could allow remote attackers to use them as an attack vector, disable or completely destroy them, Armis researchers have discovered. "The latest APC Smart-UPS models are controlled through a Cloud connection. Armis researchers found that an attacker exploiting the TLStorm vulnerabilities could remotely take over devices via the Internet without any user interaction or signs of attack. As a result, attackers can perform a remote-code execution attack on a device, which in turn could be used to alter the operations of the UPS to physically damage the device itself or other assets connected to it," the researchers noted.

Amazon Alexa can be hijacked via commands from own speaker
2022-03-03 18:31

Without a critical update, Amazon Alexa devices could wake themselves up and start executing audio commands issued by a remote attacker, according to infosec researchers at Royal Holloway, University of London. Executing the attack requires exploitation of Amazon Alexa Skills.

Finland warns of Facebook accounts hijacked via Messenger phishing
2022-01-28 12:52

Finland's National Cyber Security Centre warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims' friends in Facebook Messenger chats. In the alert, the NCSC-FI says that all Facebook users who received messages from online acquaintances asking for their phone numbers and a verification number delivered via SMS are the targets of this ongoing scam.

Alibaba ECS instances actively hijacked by cryptomining malware
2021-11-15 19:15

Threat actors are hijacking Alibaba Elastic Computing Service instances to install cryptominer malware and harness the available server resources for their own profit. Even better, to protect against malware such as cryptominers, ECS comes with a pre-installed security agent.

Malicious Chrome extensions are bad. But what about nice ones that can be hijacked? This new tool spots them
2021-11-11 08:36

Security researchers from Germany's CISPA Helmholtz Center for Information Security have developed software to help identify Chrome extensions that are vulnerable to exploitation by malicious webpages and other extensions. Under its old platform rules, known as Manifest v2, Chrome extensions had broad powers that could easily be misused.

Popular 'coa' NPM library hijacked to steal user passwords
2021-11-04 18:06

Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world. Today, developers around the world were left surprised to notice new releases for npm library 'coa'-a project that hasn't been touched for years, unexpectedly appear on npm.

Popular npm library 'coa' hijacked breaking React pipelines worldwide
2021-11-04 18:06

Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world. Today, developers around the world were left surprised to notice new releases for npm library 'coa'-a project that hasn't been touched for years, unexpectedly appear on npm.

Week in review: Popular npm package hijacked, zero trust security key tenets, wildcard certificate risks
2021-10-31 09:00

Apple fixes security feature bypass in macOSApple has delivered a barrage of security updates for most of its devices this week, and among the vulnerabilities fixed are CVE-2021-30892, a System Integrity Protection bypass in macOS, and CVE-2021-30883, an iOS flaw that's actively exploited by attackers. Good security habits: Leveraging the science behind how humans develop habitsIn this interview with Help Net Security, George Finney, CSO at Southern Methodist University, explains what good security habits are, how to successfully implement them and why are they important.