- Details
- The Hacker News
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023.
"Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
"All droppers in this campaign have demonstrated the capability to bypass the restricted settings for accessibility service in Android 13." The campaign, in total, involves five droppers with more than 100,000 total installations. Read More..
- Details
- BleepingComputer
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks.
The attackers mainly focus on the APAC region, targeting sites in Australia, Taiwan, China, Thailand, India, and Vietnam to steal job seeker's names, email addresses, phone numbers, employment history, education, and other relevant information.
According to Group-IB, which has been following the threat group since its beginning, in November 2023, ResumeLooters attempted to sell the stolen data through Telegram channels. Read More..
- Details
- BleepingComputer
Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.
Microsoft 365 users affected by this issue report seeing dialog boxes warning them that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe" when double-clicking ICS files saved locally. Read More..
"This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update.”
- Details
- BleepingComputer
Mastodon, the free and open-source decentralized social networking platform, has fixed a critical vulnerability that allows attackers to impersonate and take over any remote account.
The platform became popular after Elon Musk acquired Twitter and now boasts nearly 12 million users spread across 11,000 instances.
Instances (servers) on Mastodon are autonomous but interconnected (through a system known as "federation") communities that have their own guidelines and policies, controlled by owners who provide the infrastructure and act as administrators of their servers.
Notable among the flaws is CVE-2023-45866, a critical security issue in Bluetooth that could allow an attacker in a privileged network position to inject keystrokes by spoofing a keyboard.means, such as unpatched security flaws that can trigger execution of arbitrary code.Read More..
- Details
- BleepingComputer
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system.
The threat actor first gained access to Cloudflare's self-hosted Atlassian server on November 14 and then accessed the company's Confluence and Jira systems following a reconnaissance stage.Read More..
- New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
- LockBit Ransomware now poaching BlackCat, NoEscape Affiliates
- Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
- Unveiling the Threat of Malicious Browser Extensions
- Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks