Zoom for macOS Contains High-Risk Security Flaw
The vulnerability, which carries a CVSS severity score of 7.3/10, is documented as a debugging port misconfiguration that is opened by the Zoom client on macOS machines. Details from Zoom’s advisory: Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When…
Seven ‘Creepy’ Backdoors Used by Lebanese Cyberspy Group in Israel Attacks
Polonium was initially detailed by Microsoft in June 2022, but evidence suggests that the group has been active since at least September 2021, mainly focusing on cyberespionage. Operating out of Lebanon, the APT is believed to be working with threat actors affiliated with Iran in the targeting of more than 20 communications, engineering, insurance, information…
New ‘Alchimist’ Attack Framework Targets Windows, Linux, macOS
Dubbed Alchimist and already used in the wild, the attack framework is implemented in GoLang, the same as the Insekt RAT that it implants on compromised systems. The attack framework provides a web interface written in simplified Chinese that allows operators to generate and deploy malicious payloads, establish remote connections, execute code on the compromised…
IronVest Emerges From Stealth Mode With $23 Million in Seed Funding
The investment round was led by Accomplice, with participation from Joule Ventures, OurCrowd, Trust Ventures, Ulysses, and several angel investors. Founded in December 2021, the New York-based company provides a biometric security and privacy application for protecting digital accounts across banking, email, investing, and healthcare services. IronVest says its solution takes a decentralized approach to…
Flaw in Microsoft OME Could Lead to Leakage of Encrypted Data
Issues with ECB are not unknown. In its Announcement of Proposal to Revise Special Publication 800-38A, NIST wrote, “The ECB mode encrypts plaintext blocks independently, without randomization; therefore, the inspection of any two ciphertext blocks reveals whether or not the corresponding plaintext blocks are equal… the use of ECB to encrypt confidential information constitutes a…
New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers
The activities of this advanced persistent threat (APT), which SentinelOne tracks as WIP19, show overlaps with Operation Shadow Force, but it is unclear whether this is a new iteration of the campaign or the work of a different, more mature adversary using new malware and techniques. Mainly focused on entities in the Middle East and…
Mirai Botnet Launched 2.5 Tbps DDoS Attack Against Minecraft Server
The attack was aimed at a Minecraft server named Wynncraft and it involved UDP and TCP floods. However, the web security firm said it mitigated the attack, preventing it from causing any disruption to the game. While this may have been a record-breaking attack for Cloudflare, Microsoft last year observed an attack that peaked at…
DataGrail Raises $45 Million for Data Privacy Platform
The new investment round was led by Third Point Ventures, with participation from Cloud Apps Capital, Felicis Ventures, Next47, Operator Collective, Sixty Degree Capital, and Thomson Reuters Ventures. Founded in 2018, the San Francisco-based firm provides a data privacy solution that creates an automated map of all business systems within an organization, to provide visibility…
QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign
Also known as Qakbot and Pinkslipbot, QBot is an information stealer with backdoor and self-spreading capabilities that has been around since 2009 and which is often used as the initial infection vector in malicious attacks. Earlier this year, QBot was distributed in attacks exploiting Follina, a Microsoft Support Diagnostic Tool (MSDT) vulnerability tracked as CVE-2022-30190,…
Chrome 106 Update Patches Several High-Severity Vulnerabilities
All the newly resolved vulnerabilities were discovered by external researchers and the internet giant has handed out $38,000 in bug bounty rewards to the reporters. Based on the bug bounty amounts that Google has paid out, the most severe of the newly addressed flaws is CVE-2022-3445, a use-after-free vulnerability in Skia, the open-source 2D graphics…
