A new ransomware operation has been found with a unique method of selling its decryptors through Roblox, a gaming platform that uses its in-game currency, Robux. Roblox is a game designed for kids, and one of its features is that it allows its members to develop their games and monetise them by selling ‘Game Passes.’...Continue Reading
The most prominent Apple chip ever developed, M1, is now realising its weaknesses after security experts have found security flaws that allow hackers to compromise Mac systems through arbitrary code execution. Apple’s M1 chip showcases the pointer authentication tool, a security feature that protects MacOS from all known vulnerabilities with its detection and blocking capabilities...Continue Reading
Researchers have published a report regarding the increased utilisation of the Browser Automation Studio or BAS framework developed by Bablosoft, which threat actors actively use for its free-to-use browser functionality. The framework contains several functions that threat actors can utilise for illegal activities. It is a Windows-only automation environment used for different capabilities in browser-related...Continue Reading
Threat actors were spotted exploiting the Discord platform to propagate SYK Crypter. The popularity of these social media sites and platforms has gathered the attention of many malware developers, resulting in the development of multiple threats that compromise this internet field. The researchers also highlighted the malware’s capabilities, including bypassing the behaviour and signature-based cybersecurity...Continue Reading
New malware with worm capabilities was recently found in Windows distributed using external flash drives. Researchers added that the new malware is associated with the Raspberry Robin worm they first identified last September. Most sectors targeted by the worm are manufacturing and technology, with multiple customers’ networks being infected. This new worm injects into the...Continue Reading
In the latter days of April, a researcher identified, obstructed, and reported two packages that they classified as malicious versions of original AWS packages. This package backfill discovery showed a new takeover method that targets AWS, where hackers scan AWS projects for dependencies that are not assessed in the public npmjs registry and use their...Continue Reading
BotenaGo’s new malware strain has been discovered by researchers targeting the LILIN security camera DVR devices. The researchers called the newly discovered malware variant “LILIN Scanner” since it is used by the threat actors in the source code during the latest attacks. Based on reports, the new variant is coded in the Go language (Golang)...Continue Reading
Since Windows has released its newest system version, Windows 11, threat actors have leveraged it to spread data-stealing malware that could affect users’ computers and compromise their privacy. This new malicious campaign involves the threat actors establishing a fake Windows 11 update website that baits users to update their computers so that the malware called...Continue Reading
Three firmware bugs were found in Lenovo devices, which the tech firm immediately patched after discovering that they could be exploited for Unified Extensible Firmware Interface (UEFI) attacks. The vulnerabilities were assigned as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972 and used for deploying and executing UEFI malware through SPI flash implants or ESP implants inside Lenovo Notebook...Continue Reading
The healthcare sector is among the many organisations that have been targeted by cybersecurity attacks, including hospitals that hold a massive number of confidential patient data that could be exposed to data leaks when software vulnerabilities arise. Nonetheless, hackers still prefer targeting the sectors that would provide them with surefire financial profit and tend to...Continue Reading