MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

2022-06-14 - A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT

Source: Tweakers.net, Ravie Lakshmanan

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

2022-06-14 - Cybersecurity researchers have disclosed details of two medium-security flaws in Mitel 6800/6900 desk phones that, if successfully exploited, could allow an attacker to gain root privileges on the devices. Tracked as CVE-2022-29854 and CVE-2022-29855 (CVSS score: 6.8), the access control issues were discovered by German penetration testing firm SySS, following which patches were shipped in May

Source: Tweakers.net, Ravie Lakshmanan

Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks

2022-06-13 - The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East. "The new malware is a .NET based DNS Backdoor which is a customized version of the open source tool 'DIG.net,'" Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a report published last week. "

Source: Tweakers.net, Ravie Lakshmanan

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

2022-06-13 - A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds. Said to be first discovered in March 2022, the cluster of activity "hint[s] to a strong relationship with a Chinese-speaking entity yet to be

Source: Tweakers.net, Ravie Lakshmanan

HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems

2022-06-13 - Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote access to infected hosts. "Unlike other ransomware groups, this ransomware family doesn't have an active leak site; instead it prefers to direct the impacted victim to negotiations through Tox chat and onion-based

Source: Tweakers.net, Ravie Lakshmanan

Ett stort företag börjar från små.
Grundades 2015
Hi,
let's talk about your project

Innehållet i detta e-postmeddelande är konfidentiellt och avsett endast för den mottagare som anges i meddelandet.