Adobe Acrobat users might be at risk after security researchers found that the software may block antivirus programs from inspecting PDF files, which also prevents these AV tools from monitoring whether a PDF file is infected with malicious trojans. Most security tools require visibility into a computer system’s software and processes. To be able...
Researchers have uncovered a newly identified DFSCoerce Windows NTLM relay threat campaign that uses MS-DFSNM, Microsoft’s Distributed File System, to help hackers take control of a Windows domain. Almost all organisations use Microsoft Active Directory Certificate Services since it is a public key infrastructure service utilised for authenticating users, devices, and services on a...
Cybersecurity authorities have taken down the infrastructure used by a Russian botnet, RSOCKS, that compromised millions of internet-connected devices and computers worldwide. The threat actors have utilised the botnet to execute credential-stuffing attacks against hacked devices, an attack tactic that automatically enters a user’s login credentials on login pages of websites. The DOJ’s published press...
Research says threat actors could exploit the Scroll to Text Fragment (STTF) feature in web browsers to steal users’ sensitive data. This feature allows users to create links that point to a specific portion of a webpage using the ‘#:~:text’ identifier in the URL. According to the studies about the STTF flaw, its operators use CSS selectors to collect...
Hermit, an allegedly Italian-made Android spyware, has been observed by researchers in Kazakhstan, where the government utilised it to monitor its citizens’ activities. Experts assumed that the spyware was developed by a couple of Italian firms named Tykelab Srl and RCS Lab S.p.A. Moreover, a researcher said that an entity owned by the national government...
Studies claim that anyone could find ways to track a person’s online activities and behaviour after a security researcher created a site that could generate a user’s device fingerprints through their installed Google Chrome extensions. The researcher has dubbed the new fingerprinting site “Extension Fingerprints,” allowing its users to generate a tracking hash based...
A malicious threat group called Blue Mockingbird has targeted Telerik UI flaws to infect servers, mine Monero by hijacking system resources, and install Cobalt Strike beacons. CVE-2019-18935 is the critical deserialisation flaw leveraged by the threat actors, which leads to an RCE in the Telerik UI library. To exploit the critical vulnerability,...
New research revealed that hackers could use GhostTouch to execute several cybercriminal actions, such as downloading malware and initiating calls. Any entity could utilise electromagnetic interference to activate arbitrary behaviour on mobile touchscreens. Modern tablets and smartphones take advantage of capacitive touchscreens that give multi-touch capabilities and can measure minimal electric fields. However, the charger...
A new Go language-based peer-to-peer botnet dubbed Panchan has been observed by researchers targeting Linux servers in the academic sector since it started appearing last March. The researchers stated that the malware utilises a built-in concurrency functionality to maximise its propagation and run malware modules. Additionally, they noticed that the Panchan botnet could harvest...
Syslogk, a new Linux rootkit, is used by hackers in their latest attacks to obfuscate malicious processes via specially designed packets to trigger a dormant backdoor in the device. The malware is believed to be in its development phase, and its developers seem to have based the project on an old open-source rootkit called Adore-Ng. Additionally,...