New Financial Malware ‘JanelaRAT’ Targets Latin American Users
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that’s capable of capturing sensitive information from compromised Microsoft Windows systems. “JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions,” Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it “abuses DLL side-loading
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First
The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people’s information. “The Bill provides for the processing of digital personal data in a manner that recognizes both the […]
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
Multiple security vulnerabilities impacting CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine vulnerabilities, from CVE-2023-3259 through CVE-2023-3267, carry
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. “An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.’s desk phones and Zoom’s Zero Touch Provisioning feature can gain full remote control of the […]
New Python URL Parsing Flaw Enables Command Injection Attacks
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. “urlparse has a parsing problem when the entire URL starts with blank characters,” the CERT Coordination Center (CERT/CC) […]
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. “Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available,” Europol said in a statement. “The service facilitated the
Researchers Uncover Decade-Long Cyber Espionage on Foreign Embassies in Belarus
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. “Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets,” ESET security researcher Matthieu
Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116
Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. “Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115,” Devon O’Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce’s
Researchers Shed Light on APT31’s Advanced Backdoors and Data Exfiltration Tactics
The Chinese threat actor known as APT31 (aka Bronze Vinewood, Judgement Panda, or Violet Typhoon) has been linked to a set of advanced backdoors that are capable of exfiltrating harvested sensitive information to Dropbox. The malware is part of a broader collection of more than 15 implants that have been put to use by the adversary in […]
New SystemBC Malware Variant Targets South African Power Company
An unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. “The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a South African nation’s critical infrastructure,” Kurt Baumgartner, […]