YTStealer is a new malware designed to steal YouTube authentication cookies. Discovered by Intezer researchers, the malware, which is based on the Chacal open-source GitHub project, operates as a typical stealer. Once installed, its first goal is performing environment checks…
Security researchers discovered a new sandbox evasion technique. Called API hammering, the technique involves the use of a large number of calls to Windows APIs to achieve an extended sleep condition. The latter helps to evade detection in sandbox environments.…
Cybersecurity researchers detected a new malware tool that helps threat actors build malicious Windows shortcut files, known as .LNK files. Quantum LNK Builder and the Use of .lnk Files Dubbed Quantum Lnk Builder, the tool is currently being offered for…
CVE-2019-11043 is a critical, three-year-old PHP vulnerability that currently exposes QNAP NAS devices. CVE-2019-11043 Technical Overview The vulnerability affects PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config. According to its technical profile,…
CVE-2022-22620 is a security vulnerability in Apple’s Safari browser which has been exploited in the wild. Originally patched in 2013, the flaw re-emerged in December 2016, Maddie Stone from Google Project Zero said in her analysis. The researcher referred to…
CVE-2022-25845 is a high-severity security flaw (rating 8.1 out of 10 on the CVSS scale) in the well-known Fastjson library which could be used in remote code execution attacks. Fortunately, the vulnerability is already patched. The vulnerability stems from deserialization…
Hertzbleed is a new family of side-channel attacks associated with frequency side channels that may allow information disclosure. The issue was discovered and detailed by a group of researchers from University of Texas, University of Washington, and University of Illinois…
Microsoft’s June 2022 Patch Tuesday has rolled out, containing fixes for 55 vulnerabilities, including the infamous Follina flaw. Until today, only a mitigation was available for the CVE-2022-30190 Microsoft Office zero-day which could be leveraged in arbitrary code execution attacks.…
PureCrypter is a new malware loader currently being developed by a threat actor known as PureCoder. The loader is fully-featured and has been sold in underground markets since at least March 2021, according to a new report by Zscaler researchers.…
Here’s an example of an actively exploited vulnerability which is now used by ransomware operators: CVE-2022-26134. This is indeed the critical Atlassian unauthenticated remote code execution vulnerability in its Confluence Server and Data Center. The vulnerability ensures initial access to…
HelloXD is the name of a relatively new ransomware family which has been carrying out double extortion attacks since November 2021. The ransomware has multiple variants that impact both Windows and Linux systems. What distinguishes HelloXD from other, similar ransomware…
A team of MIT CSAIL researchers recently disclosed PACMAN, “a novel hardware attack that can bypass Pointer Authentication (PAC) on the Apple M1 CPU.” The attack is based on speculative execution attacks to circumvent a central memory protection mechanism, known…
Symbiote, discovered by Blackberry researchers, is a new Linux malware designed to infect all running processes on infected machines. The malware is capable of stealing account credentials and providing backdoor access to its operators. A Look into Symbiote Linux Malware…
Recently, we wrote about the so-called Follina Windows vulnerability which was later given the CVE-2022-30190 identifier. The vulnerability was unearthed by the nao_sec research team, following the discovery of a Word Document uploaded to VirusTotal from a Belarusian IP address.…
Emotet malware is back with a new module designed to siphon credit card details specifically in Chrome. Emotet Is Back… Again The discovery comes from Proofpoint researchers who observed the new module being dropped by the E4 botnet. “To our…
A new malware loader on the rise. Hp Threat Research has released a new report detailing a new loader. The researchers have been observing new malicious spam campaigns since the end of April 2022, distributing a previously unknown malware, called…
Two security vulnerabilities, CVE-2022-30790 and CVE-2022-30552, were discovered in U-boot, a popular boot loader for embedded systems. The loader has many implementations for various architectures, and is present in most Linux-based embedded systems, including ChromeOS and Android. The two vulnerabilities…
Apple recently previewed its latest macOS Ventura version, which is expected to be released this fall. The operating system introduces many improvements and new features, one of which the so-called Rapid Security Response. macOS Ventura Introduces Rapid Security Response The…
Apple has released a new report dedicated to its App Store, revealing that the company protected its customers from losing approximately $1.5 billion in fraudulent transactions. Altogether, Apple stopped more than 1.6 million suspicious apps and app updates from affecting…
GitLab has discovered and fixed a highly critical vulnerability that could lead to account takeover. Tracked as CVE-2022-1680 and rated 9.9 out of 10 on the CVSS scale, the flaw affects all versions of GitLab Enterprise Edition from 11.10 before…
