"Proxy Trojan Targets macOS Users for Traffic Redirection"

A sophisticated proxy Trojan targeting macOS is being distributed via pirated versions of legitimate business software such as editing tools, data recovery software, and network scanning applications. The Trojan works by posing as a legitimate program during installation and then creating a hidden proxy server on the user's system. This covert server allows threat actors to keep a backdoor open on the system while also redirecting network traffic through the compromised device. Such a proxy Trojan can have varying degrees of severity for victims.

Submitted by Gregory Rigby on

"Alert Fatigue Puts Pressure on Security and Development Teams"

According to Cycode, security practitioners are under significant pressure to secure today's applications. Seventy-eight percent of CISOs stated that today's AppSec attack surfaces are unmanageable, and 90 percent revealed that relationships between their security and development teams need improvement. Seventy-seven percent of CISOs believe software supply chain security is a more significant gap in AppSec than generative Artificial Intelligence (AI) or open source.

Submitted by Gregory Rigby on

"WordPress 6.4.2 Patches Remote Code Execution Vulnerability"

WordPress recently released a security update for the popular content management system (CMS) to address a remote code execution (RCE) vulnerability. Security researchers at Defiant noted that the flaw addressed in the open-source CMS is a property-oriented programming (POP) chain issue introduced in WordPress core 6.4. The researchers stated that it can be combined with a different object injection flaw, allowing attackers to execute PHP code on vulnerable websites. The bug was identified in a class introduced in WordPress 6.4 to improve HTML parsing in the block editor.

Submitted by Adam Ekwall on

"Cyberattack on Irish Utility Cuts Off Water Supply for Two Days"

It has recently been revealed that a cyberattack launched by hackers last week against the systems of a small water utility in Ireland interrupted the water supply for two days. The attack targeted a private group water scheme in the Erris area and reportedly impacted 180 people in Binghamstown and Drum, leaving them without water on Thursday and Friday. According to the water utility's representative, hackers targeted a Eurotronics water pumping system, defacing a user interface with a message announcing the hack.

Submitted by Adam Ekwall on

"Your Car Might Be Watching You to Keep You Safe − at the Expense of Your Privacy"

Research has been done on applying blockchain-based federated Machine Learning (ML) to improve the privacy and security of users and their sensitive data. The method could be used to protect driver data. Data collection in cars is a potential privacy nightmare because the information gathered can reveal the driver's identity, driving habits, how safely they drive, where they have been, and where they regularly go. According to a report by the Mozilla Foundation, a nonprofit technology research and advocacy organization, carmakers' privacy policies are incredibly lax.

Submitted by Gregory Rigby on

"Study Shows Challenges to Protecting Privacy of Library Users"

According to the first study of privacy practices and challenges in public libraries led by University of Illinois Urbana-Champaign information sciences professor and cybersecurity expert Masooda Bashir, librarians have historically taken a firm stand on protecting their patrons' privacy, but how well they do this varies based on certain factors. Bashir and her research group conducted an online survey of public library employees across the US, asking about employee training, secure storage methods, how data breaches were handled, and more.

Submitted by Gregory Rigby on

"Apple-Backed Data Breach Report Says 2.6 Billion Records Leaked in 2 Years"

According to a data breach report commissioned by Apple, hackers stole 2.6 billion records between 2021 and 2022. The report by MIT Professor of Information Technology (IT) Stuart Madnick reveals that breaches increased by 20 percent in the first three quarters of 2023 compared to all of 2022. According to the report, increasingly sophisticated ransomware attacks and attacks on third-party vendors significantly contribute to the growing scope of data breaches. Cloud security was cited as becoming increasingly important, with 80 percent of breaches involving cloud-stored data.

Submitted by Gregory Rigby on

"The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools"

The SafeBreach Labs team looked into the viability of using Windows thread pools as a novel attack vector for process injection. They discovered eight new process injection techniques, dubbed Pool Party variants, which were capable of triggering malicious execution as a result of a legitimate action. The techniques could work across all processes without limitations, making them more adaptable than existing process injection techniques. When tested against five leading Endpoint Detection and Response (EDR) solutions, the techniques were found to be completely undetectable.

Submitted by Gregory Rigby on

"New Report: Over 40% of Google Drive Files Contain Sensitive Info"

According to security researchers at Metomic, 40.2% of files stored on Google Drive contain sensitive data. The researchers analyzed roughly 6.5 million Google Drive files. The researchers also found that 34.2% of the scrutinized files were shared with external contacts outside the company's domain. Equally concerning, the researchers noted that over 350,000 files (0.5%) were publicly accessible, allowing unrestricted access to anyone possessing the document link.

Submitted by Adam Ekwall on

"New Bluetooth Flaw Lets Hackers Take Over Android, Linux, macOS, and iOS Devices"

Threat actors could use a critical Bluetooth security flaw to take control of Android, Linux, macOS, and iOS devices. The vulnerability, tracked as CVE-2023-45866, is a case of authentication bypass that allows attackers to connect to vulnerable devices and inject keystrokes to achieve code execution as the victim. According to security researcher Marc Newlin, who disclosed the issue to software vendors in August 2023, multiple Bluetooth stacks have authentication bypass flaws that enable attackers to connect to a discoverable host without user confirmation and inject keystrokes.

Submitted by Gregory Rigby on