- The Hacker News
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel.
"The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian cybersecurity company Kaspersky said in a Thursday report.
NKN, which has over 62,000 nodes, is described as a "software overlay network built on top of today's Internet that enables users to share unused bandwidth and earn token rewards." It incorporates a blockchain layer on top of the existing TCP/IP stack.
- BleepingComputer
The LockBit ransomware operation is now recruiting affiliates and developers from BlackCat/ALPHV and NoEscape after recent disruptions and exit scams.
Last week, the NoEscape and BlackCat/ALPHV ransomware operations' Tor websites suddenly became inaccessible without warning.
Affiliates associated with NoEscape claimed that the ransomware operators pulled an exit scam, stealing millions of dollars in ransom payments and shutting off the operation's web panels and data leak sites.
- The Hacker News
Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices.
This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari Private Browsing, and WebKit. macOS Sonoma 14.2, for its part, resolves 39 shortcomings, counting six bugs impacting the ncurses library.
Notable among the flaws is CVE-2023-45866, a critical security issue in Bluetooth that could allow an attacker in a privileged network position to inject keystrokes by spoofing a keyboard means, such as unpatched security flaws that can trigger execution of arbitrary code.
- The Hacker News
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions.
Recent incidents like DataSpii and the Nigelthorn malware attack have exposed the extent of damage that malicious extensions can inflict. In both cases, users innocently installed extensions that compromised their privacy and security. The underlying issue lies in the permissions granted to extensions. These permissions, often excessive and lacking granularity, allow attackers to exploit them.
What can organizations do to protect themselves from the risks of browser extensions without barring them from use altogether (an act that would be nearly impossible to enforce)?
- The Hacker News
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023.
The vulnerabilities are as follows:
CVE-2023-33063 (CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-33106 (CVSS score: 8.4) - Memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
CVE-2023-33107 (CVSS score: 8.4) - Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Google's Threat Analysis Group and Google Project Zero revealed back in October 2023 that the three flaws, along with CVE-2022-22071 (CVSS score: 8.4), have been exploited in the wild as part of limited, targeted attacks.
- Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack
- SpyLoan Android Malware on Google Play downloaded 12 Million Times
- Microsoft extends Windows Server 2012 ESUs to October 2026
- Cloudflare website downed by DDoS attack claimed by Anonymous
- New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers