Signal App Waves Off Alleged Vulnerability Claims Main Points Signal, the encrypted messaging platform, has rejected viral reports of an alleged zero-day flaw in its software. In its investigation, Signal found no evidence to show that this vulnerability is real. The information regarding the alleged vulnerability hasn’t been shared through Signal’s official reporting platforms. Signal’s
Read More
EtherHiding: Binance’s Smart Chain Contracts Turned Evil Main Points: Threat actors have been observed using Binance’s Smart Chain (BSC) contracts to serve malicious code, in an action termed as the “next level of bulletproof hosting.” Guardio Labs detected the activity two months ago and has since codenamed it EtherHiding. The said activity is a novel
Read More
Harvesting Trouble: Exploiting the Critical Flaw in Citrix NetScaler ADC and Gateway Devices Main Points: – Discovery of a critical flaw in Citrix NetScaler ADC and Gateway devices. – Threat actors are exploiting this flaw to conduct a credential harvesting campaign. – The flaw was uncovered by IBM X-Force last month. – Adversaries are using
Read More
Attack of the PEACHPIT: Unearthing the Android & iOS Ad Fraud Botnet Main points PEACHPIT, an ad fraud botnet, used hundreds of thousands of Android and iOS devices to generate illegal profits It is part of a broader China-based operation dubbed BADBOX BADBOX also involves selling backdoored mobile and connected TV (CTV) devices on reputed
Read More
A New Phishing Campaign Targets U.S. Executives Using EvilProxy Main Points: – U.S.-based senior executives are being targeted by a new phishing campaign. – The campaign uses the popular adversary-in-the-middle (AiTM) toolkit EvilProxy. – The activity was first observed by Menlo Security in July 2023. – The campaign primarily targets the banking and financial services,
Read More
Artificial Intelligence & Large Language Models: Friends with Hidden Foibles? A. The Integration of AI and LLM in modern industries The unmistakable tango of disruption has begun in the tech industry, and Artificial Intelligence (AI) and Large Language Models (LLMs) are leading the dance. Several sectors are being swept up by this AI-Language love affair,
Read More
AI Program Writes Keylogger In Python Here are the main points of the article: – Moonlock Lab published screenshots showing ChatGPT, an AI program, writing keylogger code in Python. – The keywords “MyHotKeyHandler,” “Keylogger,” and “macOS” were associated with this particular output. – An advisory notice was included, cautioning against using the code for illegal
Read More
Intense Security Vulnerabilities Uncovered in ConnectedIO’s ER2000 Edge Routers High-severity security vulnerabilities have been disclosed in ConnectedIO’s ER2000 edge routers. The issues also extend to the cloud-based management platform linked with the routers. Exploitation of these vulnerabilities could lead to the execution of harmful code and unauthorized access to sensitive data. Potential attackers could utilize
Read More
Two Upcoming Security Vulnerabilities Found in Curl Library – The Curl library maintainers have issued an advisory detailing two impending security vulnerabilities expected to be fixed on October 11, 2023. – These include a high severity and a low-severity flaw tagged as CVE-2023-38545 and CVE-2023-38546 respectively. – Detailed particulars on the issues and affected versions
Read More
Gaza-Based Cyber Threat Targets Israeli Sectors; Microsoft on Watch Key Findings: A Gaza-based threat actor targets Israeli organizations in the energy, defense, and telecommunications sectors Microsoft, in its fourth annual Digital Defense Report, is tracking the cyberattack campaign christened ‘Storm-1133’ This group is considered to be working in favor of Hamas, a Sunni militant group
Read MoreNo products in the cart.