Nation-state malware could become a commodity on dark web soon, Interpol warns

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. In the ongoing conflict between Russia and Ukraine, the malware developed by both...

20m

Russia-linked Turla APT targets Austria, Estonia, and NATO platform

Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian...

4h

Russia-linked Fronton botnet could run disinformation campaigns

Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “Digital Revolution”...

16h

A flaw in PayPal can allow attackers to steal money from users’ account

A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from users. TheHackerNews first reported that a security researcher (that goes online with the moniker h4x0r_dz) has discovered an unpatched flaw in PayPal that could allow attackers to trick users into completing transactions...

19h

Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. More TAG research from @_clem1 & @0xbadcafe1Campaigns...

1d

Threat actors target the infoSec community with fake PoC exploits

Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit...

1d

Security Affairs newsletter Round 366 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Asian media company Nikkei suffered a ransomware attackRussia-linked Sandworm...

1d

North Korea-linked Lazarus APT uses Log4J to target VMware servers

North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North Korea-linked group Lazarus is exploiting the Log4J RCE vulnerability (CVE-2021-44228) to compromise VMware Horizon servers. Multiple threat actors are exploiting this flaw since January, in January...

1d

The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000

The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During the third day of the Pwn2Own Vancouver 2022 hacking competition, white hat hackers demonstrated a working exploit against Microsoft Windows 11 OS. nghiadt12 from Viettel Cyber Security demonstrated an exploit...

2d

Asian media company Nikkei suffered a ransomware attack

The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The Japanese-based media company Nikkey is focused on the business and financial industry, it is the world’s largest financial newspaper. This week the company disclosed a security breach, ransomware infected one of...

2d