- BleepingComputer
Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei, Vivo, and Honor smartphones since Saturday.
On affected devices, users were warned to immediately uninstall the Google app because it could secretly send SMS messages, download and install other apps, or steal their sensitive information.
Others saw a different alert, telling them that the Google app was a trojan that could provide remote access to their device and allow attackers to install malware and steal the users' data.
- BleepingComputer
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
NuGet is an open-source package manager and software distribution system, enabling developers to download and include ready-to-run .NET libraries for their projects.
Threat actors who target software distribution systems like npm and PyPI have recently shown interest in NuGet, which predominantly targets Windows users and has become very popular among software developers.
- The Hacker News
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.
"Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices, the implant is still active, but now only responds if the correct Authorization HTTP header is set."
- Cyber Security News
A new InfoStealer called ExelaStealer emerged in 2023, joining the ranks of other well-known malware like RedLine, Raccoon, and Vidar.
FortiGuard Labs, a leading cybersecurity research and analysis firm, has revealed some insights into this new threat. ExelaStealer is an open-source malware that can be customized for a fee.
It is written in Python, but it can also use other languages like JavaScript when needed. It targets Windows-based systems and steals various types of information, such as passwords, credit cards, cookies, sessions, and keystrokes.
- The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence.
The newly added vulnerabilities are:
- CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
- CVE-2023-28229 (CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
- NSA and CISA Reveal Top 10 Cybersecurity Misconfigurations
- Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
- Apple Emergency Update for New Zero-Day Used to Hack iPhones
- EvilProxy uses indeed.com open redirect for Microsoft 365 Phishing
- 3AM Ransomware: A Sneak Peek into a New Malware Family