- Details
- The Hacker News
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry.
The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.
"Their various malware included capabilities to collect and access device information, location, photos and media, contacts, calendar, email, SMS, social media, and messaging apps, and enable microphone,camera, and screenshot functionality," the company said. Read More..
- Details
- BleepingComputer
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure.
SSH-Snake was discovered by the Sysdig Threat Research Team (TRT), who describe it as a "self-modifying worm" that stands out from traditional SSH worms by avoiding the patterns typically associated with scripted attacks.
The worm searches for private keys in various locations, including shell history files, and uses them to stealthily spread to new systems after mapping the network. Read More..
- Details
- The Hacker News
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023.
"Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
"All droppers in this campaign have demonstrated the capability to bypass the restricted settings for accessibility service in Android 13." The campaign, in total, involves five droppers with more than 100,000 total installations. Read More..
- Details
- BleepingComputer
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks.
The attackers mainly focus on the APAC region, targeting sites in Australia, Taiwan, China, Thailand, India, and Vietnam to steal job seeker's names, email addresses, phone numbers, employment history, education, and other relevant information.
According to Group-IB, which has been following the threat group since its beginning, in November 2023, ResumeLooters attempted to sell the stolen data through Telegram channels. Read More..
- Details
- BleepingComputer
Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.
Microsoft 365 users affected by this issue report seeing dialog boxes warning them that "Microsoft Office has identified a potential security concern" and that "This location may be unsafe" when double-clicking ICS files saved locally. Read More..
"This behavior is not expected when opening .ICS files. This is a bug and will be addressed in a future update.”
- Mastodon Vulnerability Allows Attackers to Take Over Accounts
- Cloudflare Hacked using Auth Tokens Stolen in Okta Attack
- New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
- LockBit Ransomware now poaching BlackCat, NoEscape Affiliates
- Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws