- Details
- BleepingComputer
September 09, 2023 BleepingComputer published The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of a zero-click iMessage exploit chain to infect iPhones with NSO Group's Pegasus spyware.
This warning comes after Citizen Lab disclosed that the two flaws were used to compromise fully-patched iPhones belonging to a Washington DC-based civil society organization using an exploit chain named BLASTPASS that worked via PassKit attachments containing malicious images. Read More..
- Details
- BleepingComputer
September 09, 2023 BleepingComputer published A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
The campaign started in late August 2023, when Microsoft Teams phishing messages were seen being sent by two compromised external Office 365 accounts to other organizations.
These accounts were used to trick other Microsoft Teams users into downloading and opening a ZIP file named "Changes to the vacation schedule." Read More..
- Details
- BleepingComputer
BleepingComputer published A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website's source code.
An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles of least privilege and complete mediation.
Additionally, the researchers found that numerous websites with millions of visitors, including some Google and Cloudflare portals, store passwords in plaintext within the HTML source code of their web pages, allowing extensions to retrieve them. Read More..
- Details
- BleepingComputer
BleepingComputer published Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network Insight).
The flaw (tracked as CVE-2023-34039) was found by security analysts at ProjectDiscovery Research and patched by VMware on Wednesday with the release of version 6.11.
Successful exploitation enables remote attackers to bypass SSH authentication on unpatched appliances and access the tool's command line interface in low-complexity attacks that don't require user interaction because of what the company describes as "a lack of unique cryptographic key generation. Read More..
- Details
- The Hacker News
The Hacker News published A New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework.
The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month.
Microsoft's container architecture (and by extension, Windows Sandbox) uses what's called a dynamically generated image to separate the file system from each container to the host and at the same time avoid duplication of system files.
It's nothing but an "operating system image that has clean copies of files that can change, but links to files that cannot change that are in the Windows image that already exists on the host," thereby bringing down the overall size for a full OS. Read More..
- Trojanized Signal and Telegram Apps on Google Play Delivered Spyware
- Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents
- Hacking Campaign Bruteforces Cisco VPNs to Breach Networks
- New Android MMRat Malware Uses Protobuf Protocol To Steal Your Data
- Microsoft Releases Patches for 74 New Vulnerabilities in August Update