Security News

Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer
2023-06-12 12:47

Security researchers have warned about an "Easily exploitable" flaw in the Microsoft Visual Studio installer that could be abused by a malicious actor to impersonate a legitimate publisher and distribute malicious extensions. "A threat actor could impersonate a popular publisher and issue a malicious extension to compromise a targeted system," Varonis researcher Dolev Taler said.

Darkweb credit card marts in decline across Asia, researchers claim
2023-06-09 03:31

The number of stolen Asian credit card numbers appearing on darkweb crime marts has fallen sharply, cyber security firm Group-IB told Singapore's ATxSG conference on Thursday. Out of 29 million compromised accounts found on sale on the dark web, over 12 million featured top level domains related to India.

Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards
2023-06-02 18:56

Researchers at firmware and supply-chain security company Ecylpsium claim to have found what they have rather dramtically dubbed a "Backdoor" in hundreds of motherboard models from well-known hardware maker Gigabyte. You can reinstall Windows at any time, and a standard Windows image doesn't know whether you're going to be using a Gigabyte motherboard or not, so it doesn't come with GigabyteUpdateService.

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
2023-05-26 12:39

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa. "A deep dive into both spyware components indicates that Alien is more than just a loader for Predator and actively sets up the low-level capabilities needed for Predator to spy on its victims," Cisco Talos said in a technical report.

Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
2023-05-15 10:17

Symantec, by Broadcom Software, is tracking the activity under its insect-themed moniker Lancefly, with the attacks making use of a "Powerful" backdoor called Merdoor. "The backdoor is used very selectively, appearing on just a handful of networks and a small number of machines over the years, with its use appearing to be highly targeted," Symantec said in an analysis shared with The Hacker News.

Millions of mobile phones come pre-infected with malware, say researchers
2023-05-11 17:58

Black Hat Asia Threat groups have infected millions of Androids worldwide with malicious firmware before the devices have even been shipped from their manufacturers, according to Trend Micro researchers at Black Hat Asia. The mainly mobile devices, but also smartwatches, TVs and more, have their manufacturing outsourced to an original equipment manufacturer, a process the researchers say makes them easily infiltrated.

Low-level motherboard security keys leaked in MSI breach, claim researchers
2023-05-09 18:58

The company's mea culpa came two days after a cyberextortion gang going by the name Money Message claimed to have stolen MSI source code, BIOS development tools, and private keys. Researchers at vulnerability research company Binarly claim not only to have got hold of the data stolen in the breach, but also to have searched through it for embedded crpyotgraphic keys and come up with numerous hits.

Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
2023-05-09 09:39

The advanced persistent threat actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat group used a server-based polymorphism technique to deliver the next stage payload," the BlackBerry Research and Intelligence Team said in a technical report published Monday.

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
2023-05-04 13:19

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic.

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection
2023-05-04 13:03

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350, the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.