![Anker USB C to Lightning Cable [ Apple Mfi Certified] for $19](https://i0.wp.com/www.ihash.eu/wp-content/uploads/2022/12/1670212666_297_Anker-USB-C-to-Lightning-Cable-Apple-Mfi-Certified.jpg?resize=630%2C420&ssl=1)
![Anker USB C to Lightning Cable [ Apple Mfi Certified] Red / 3ft for $19](https://i0.wp.com/www.ihash.eu/wp-content/uploads/2022/12/1670126010_652_Anker-USB-C-to-Lightning-Cable-Apple-Mfi-Certified.jpg?resize=630%2C420&ssl=1)
![Anker USB C to Lightning Cable [ Apple Mfi Certified] Black / 6ft for $16](https://i0.wp.com/www.ihash.eu/wp-content/uploads/2022/12/1670104311_722_Anker-USB-C-to-Lightning-Cable-Apple-Mfi-Certified.jpg?resize=630%2C420&ssl=1)
Dec 06, 2022Ravie LakshmananEndpoint Security / Data Security A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its "weak architecture and programming." Cryptonite, unlike other ransomware strains, is not available for sale on the cybercriminal underground, and was instead offered for free by an actor … [Read more...] about Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware
cyber attacks
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
Dec 05, 2022Ravie Lakshmanan The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based … [Read more...] about Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type … [Read more...] about Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Hackers Sign Android Malware Apps with Compromised Platform Certificates
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. "A platform certificate is the application signing certificate used to sign the 'android' application on the system image," a report … [Read more...] about Hackers Sign Android Malware Apps with Compromised Platform Certificates
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the agencies highlighted a "sharp increase in both the … [Read more...] about Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor [...] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and … [Read more...] about North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets
3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies
Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify … [Read more...] about 3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and … [Read more...] about CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform tweets and payments, according to a slide deck shared by Musk over the weekend. The company's plans for … [Read more...] about Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
All You Need to Know About Emotet in 2022
For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and … [Read more...] about All You Need to Know About Emotet in 2022