Tag: technews

Spacecolon Toolset Fuels Surge in Global Scarab Ransomware Attacks A toolset called Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware. The Slovak cybersecurity firm, which dubbed the threat actor CosmicBeetle, said the origins of the malware date back to May 2020. The ultimate goal of the…

Syrian Threat Actor EVLF Identified as Creator of CypherRAT and Craxs A Syrian threat actor named EVLF has been identified as the creator of malware families CypherRAT and CraxsRAT. According to Cyfirma, these two families are said to be offered to other cybercriminals as part of a malware-as-a-service (MaaS) scheme. CripplesRAT is one of the…

Nest Cam support finally begins being added to Google Home app Google is finally starting to add support for older Nest Cams to the Google Home app. Starting with the first-generation Nest Cam Indoor from 2015, according to a post from Google on Thursday. However, it might be awhile until you can actually use your…

Agile Approach to Harvesting Credentials and Mining Cryptocurrencies Affected campaigns have used similar tooling to perform cloud credential scraping and also to mass deploy crypto mining software. New Curl : Shifted from dload function curl without curl to downloading staged curl binary to eventually using the native curl binary. The last German nods are in…

Default end-to-end encryption to be enabled on Messenger by year end By the end of the year, Messenger will support end-to-end encryption by default. Previously, the company has said that it plans to roll out support for E2EE by default for chats on Messenger by late this year. The company explains that its Messenger and…

FBI Warns of North Korean Affiliates’ Suspected Involvement in $ The U.S. Federal Bureau of Investigation warns that North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. North Korea is known to blur the lines between cyber warfare, espionage, and financial crimes. Previous examples include the $60 million theft of…

Cryptocurrency Laundering Scandal: Tornado Cash Founders Charged Tornado Cash processed over $7 billion worth of crypto assets over a period of three years. Roman Storm and Roman Semenov allegedly operated Tornado Cash and knowingly facilitated this money laundering, U.S. Attorney Damian Williams said. The defendants have been identified as two of the three co-founders of…

Thousands of Openfire XMPP Servers Still Exposed to High-Sever Thousands of Openfire XMPP servers remain unprotected against a recently disclosed flaw. According to VulnCheck, this vulnerability relates to a path traversal vulnerability in the Openfire administrative console. It was remediated by its developer, Ignite Realtime, earlier this May with the release of versions 4.6.8, 4.7.5,…

Google is expanding its transparency center to adhere to EU rules In order to comply with European law, Google is making some changes to its ads transparency center and making data more readily available to researchers. Specifically, the company is expanding the access it has to its Ads Transparency Center for researchers and providing additional…

Zero-Day Attacks Target Traders with WinRAR Security Flaw Exploited A flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023. New findings from Group-IB reveal that the booby-trapped archive file is created such that it contains an image file and a folder with the same name. CVE-2023-38831 is caused…