
Tag

#backdoor

WhatsApp refuses to weaken encryption, would rather leave UK

With the UK's Online Safety Bill set to become law this year, WhatsApp is standing its ground against weakening encryption. (Source: Malwarebytes Labs)

ChatGPT Browser Extension Hijacks Facebook Business Accounts

Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store.

Malware targeting SonicWall devices could survive firmware updates

Researchers at Mandiant have identified a campaign that persisted tenaciously on SonicWall SMA 100 Series appliances. (Source: Malwarebytes Labs)

China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware

A suspected China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence. "The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades," cybersecurity company Mandiant said in a technical report published this week. The

North Korean UNC2970 Hackers Expands Operations with New Malware Families

A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022. Google-owned Mandiant said the threat cluster shares "multiple overlaps" with a long-running operation dubbed "Dream Job" that employs job recruitment lures in

Congressman Darin LaHood Says FBI Targeted Him With Unlawful 'Backdoor' Searches

Representative Darin LaHood's claim that he was the subject of “backdoor” searches comes at a dicey moment for the bureau.

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center (ASEC), in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on compromised systems. This includes the Sliver post-exploitation framework, XMRig cryptocurrency

Prometei botnet improves modules and exhibits new capabilities in recent updates

The Prometei botnet has continued its activity since Cisco Talos first reported on it in 2020. Since November 2022, we have observed Prometei improving the infrastructure components and capabilities.

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group's attack chains observed in 2021. Israeli cybersecurity company Check Point said the "