FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation

By Newsroom — October 24th 2023 at 08:37
The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The new findings come from Kaspersky, which detailed the great lengths the adversary behind the campaign, dubbed Operation Triangulation, went to conceal and cover
☐ ☆ ✇ The Hacker News

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware

By Ravie Lakshmanan — March 29th 2023 at 09:17
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors [...] can be silent for years, show no network activity or any other signs of presence until the disastrous day when they replace a crypto wallet address," Vitaly Kamluk, director of
☐ ☆ ✇ The Hacker News

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

By Ravie Lakshmanan — February 15th 2023 at 13:33
A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389." The attacks, per the cybersecurity company,
☐ ☆ ✇ The Hacker News

Google Chrome Bug Lets Sites Silently Overwrite System Clipboard Content

By Ravie Lakshmanan — September 2nd 2022 at 05:55
A "major" security issue in the Google Chrome web browser, as well as Chromium-based alternatives, could allow malicious web pages to automatically overwrite clipboard content without requiring any user consent or interaction by simply visiting them. The clipboard poisoning attack is said to have been accidentally introduced in Chrome version 104, according to developer Jeff Johnson. While the
☐ ☆ ✇ The Hacker News

CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

By Ravie Lakshmanan — August 5th 2022 at 05:54
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 (CVSS score: 7.5), a command injection flaw in the platform that could lead to the execution of arbitrary
❌