Security News
A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America at least since July 2022. Given that the impacted devices are high-bandwidth routers that can simultaneously support hundreds of VPN connections, it's being suspected that the goal is to spy on targets and establish a stealthy proxy network.
The US Department of Commerce added six more entities to its blacklist on Friday on grounds of national security after an errant Chinese surveillance balloon was shot down over the US last week. According to White House press secretary Karine Jean-Pierre, the balloon followed a flight path, and the US did not give any credence to the Chinese argument that the balloon veered off course.
At the time, Abouammo was facing up to 20 years behind bars for, while working for Twitter in the US, leaking to Saudi Arabia sensitive information about 6,000 Twitter accounts that could be used to identify and locate users who were of interest to the Saudi royals. Instead, a judge this week sentenced Abouammo to 42 months in federal prison followed by three years of supervised release.
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers," ESET researcher Filip Jurčacko said in a new report published today.
US Navy nuclear engineer Jonathan Toebbe and his wife Diana Toebbe were sentenced to 232 months and 262 months, respectively, on charges that they worked together to hand numerous physical and electronic documents, including schematics for the advanced Virginia-class nuclear submarine, to an agent of a foreign government. Toebbe never spoke to a spy - when the unnamed foreign government received an initial teaser package of documents from the engineer, it handed them right over to a local FBI attaché.
The Iranian threat actor known as Domestic Kitten has been attributed to a new mobile campaign that masquerades as a translation app to distribute an updated variant of an Android malware known as FurBall. "Since June 2021, it has been distributed as a translation app via a copycat of an Iranian website that provides translated articles, journals, and books," ESET researcher Lukas Stefanko said in a report shared with The Hacker News.
When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A "Debugging port" typically refers to a listening network connection, usually a TCP socket, that handles debugging requests.
Modified off-the-shelf drones have been found carrying wireless network-intrusion kit in a very unlikely place. The idea of using consumer-oriented drones for hacking has been explored over the past decade at security conferences like Black Hat 2016, in both the US and in Europe.
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos. The Lazarus Group is perhaps best known for the infamous WannaCry attacks and a ton of cryptocurrency theft.