New ransomware HavanaCrypt poses as Google software update
A new strain of ransomware has been making victims for the past two months, masquerading as a Google software update application.
Stories by Lucian Constantin
-
-
"Evil PLC Attack" weaponises PLCs to infect engineering workstations
Researchers demonstrate a proof of concept where hijacked programmable logic controllers can compromise engineering workstations to allow lateral movement.
-
New exploits can bypass Secure Boot and modern UEFI security protections
Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild.
-
Chinese APT group uses multiple backdoors in attacks on military and research organisations
The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.
-
Sophisticated malware of Chinese origin shows up again in the wild after 3 years
The sophisticated rootkit malware infects system firmware to avoid detection and has claimed victims in China, Iran, Vietnam and Russia.
-
GPS trackers used for vehicle fleet management can be hijacked by hackers
At least one model of GPS tracking devices made by Chinese firm MiCODUS "lacks basic security protections needed to protect users from serious security issues".
-
New speculative execution attack Retbleed impacts Intel and AMD CPUs
Unlike other speculative execution attacks like Spectre, Retbleed exploits return instructions rather than indirect jumps or calls.
-
Office 365 phishing campaign that can bypass MFA targets 10,000 organisations
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
-
Attacker groups adopt new penetration testing tool Brute Ratel
APT group's use of a legitimate pen-testing tool gives them stealth capabilities, allowing them to avoid detection by EDR and antivirus tools.
-
APT campaign targeting SOHO routers highlights risks to remote workers
The ZuoRAT remote access Trojan malware can compromise multiple router brands and likely has been active for years.
-
Dozens of insecure-by-design flaws found in vendor OT products
A new research project from OT:ICEFALL has uncovered 56 vulnerabilities in operational technology (OT) devices from 10 different vendors.
-
Ransomware could target OneDrive and SharePoint files by abusing versioning configurations
A proof-of-concept exploit could make Office 365 or Microsoft 365 documents stored on OneDrive or SharePoint inaccessible.
-
New peer-to-peer botnet Panchan hijacks Linux servers
Researchers warn of a new worm that's infecting Linux servers by brute-forcing and stealing SSH credentials.
-
Hackers using stealthy Linux back-door Symbiote to steal credentials
Researchers have come across a stealthy Linux backdoor that uses sophisticated techniques to hide itself on compromised servers and steal credentials.
-
Zero-day flaw in Atlassian Confluence exploited in the wild since May
Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.
Events
ARN Innovation Awards 2023
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
Brand Post
Sustainable Electronics Solutions: The Value of Educating Consumers
Sponsored By
