Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister. The Computer Emergency Response Team of Ukraine on Thursday detailed a spear-phishing campaign that it has…
Experts warn of an authentication bypass zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. An attacker can trigger the vulnerability, tracked as CVE-2023-51467, to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) The issue resides in the login functionality and results from an incomplete patch for the Pre-auth…
A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. “This malware is a loader with three types of components: a downloader…
McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Xamalicious relies on social engineering to gain accessibility privileges, then it…
A new zero-day security flaw has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was released…
A Russian man accused by the United States of trafficking in a hacked database of online credentials will apparently evade American courts after the Russian government said it had succeeded in extraditing him. Russian prosecutors said authorities in Kazakhstan will transfer the man, Nikita Kislitsin, to face charges related to an October 2022 hacking incident…
Active since early 2023, the malware initially targeted mobile banking applications in Australia and Poland, but has since expanded its reach to the UK and Italy. When initially uncovered, ThreatFabric explains, Chameleon used multiple loggers, had limited malicious functionality, and contained various unused commands, suggesting that it was still under development. Employing a proxy feature…
Hackers allegedly connected to the People’s Liberation Army in China are responsible for a series of recent attacks on critical infrastructure in the USA, according to a report first published in the Washington Post. The attacks on tens of sensitive sites were on locations of extreme importance. Locations such as Hawaii, Guam, the West Coast,…
The company said the new equity round was led by L2 Point Management and brings the total raised to $70 million. SimSpace is marketing a so-called “Cyber Force Platform” that provides technology for organizations to stand up pre-defined or customized cyber range simulations that are secure and scalable “SimSpace’s internal threat intelligence teams and partners,…
Cyberattackers can exploit access control measures installed on supposedly secure facility doors to gain unauthorized building access to sensitive locations — as well as breach internal IP networks directly from these systems, researchers are warning. In a closed-door session at Black Hat Europe 2023 this month, analysts at Otorio demonstrated how attackers can easily subvert…