Stealthy KV-botnet hijacks SOHO routers and VPN devices
The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named ‘KV-botnet’ since at least 2022…
Month: December 2023
NAB decommissions 26-year-old Teradata platform – Finance – Cloud – Software
NAB has decommissioned its 26-year-old Teradata environment and migrated the data and use cases onto its new strategic data platform ‘Ada’. Just over a year…
Tesla recalls nearly all vehicles fitted with Autopilot on US roads – Software
Tesla is recalling just over 2 million vehicles in the United States fitted with its Autopilot advanced driver-assistance system to install new safeguards, after a…
BazarCall attacks abuse Google Forms to legitimize phishing emails
A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more…
Scammers Weaponize Google Forms in New BazarCall Attack
Google Forms is the latest Google product to be abused by threat actors, this time for a new variant of the BazarCall attack Cybersecurity researchers…
Apple now requires a judge’s consent to hand over push notification data – Security
Apple has said it now requires a judge’s order to hand over information about its customers’ push notification to law enforcement, putting the iPhone maker’s…
French police arrests Russian suspect linked to Hive ransomware
French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims’ ransom payments. “New arrest in the…
Ransomware review: December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In…
Proof-of-concept code published for Apache Struts vulnerability – Security
A critical vulnerability in Apache Struts could have widespread downstream impacts on vendors that use the framework to build web apps like configuration interfaces. The…
LockBit ransomware now poaching BlackCat, NoEscape affiliates
The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. Last week, the NoEscape…
The sound of you typing on your keyboard could reveal your password
As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed…
Russian hackers target TeamCity servers since September
CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia’s Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity…