OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below. « Although OpenRefine
BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground
Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that’s being advertised for sale on the cybercrime underground. « BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more, » Zscaler ThreatLabz researchers Niraj Shivtarkar and
Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users
An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. « Zanubis’s main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device, » Kaspersky said in an
FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies
The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. « During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal, » the FBI said in an […]
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. « The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware, » Trend Micro researchers Mohamed Fahmy and […]
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks
Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows – CVE-2023-42114 (CVSS score: 3.7) – Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an « evolved version » of another loader malware known as DoubleFinger. « The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc., » Kaspersky said in an analysis published […]
Post-Quantum Cryptography: Finally Real in Consumer Apps?
Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it’s keeping them up tonight. Today, many rely on encryption in their daily lives to protect their fundamental digital privacy and security, whether for messaging friends and […]
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta. « Employees of the targeted company were contacted by a fake recruiter via LinkedIn and tricked into opening a malicious […]
Microsoft’s AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
Malicious ads served inside Microsoft Bing’s artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft in February 2023, Bing Chat is […]