Interesting social-engineering attack vector: McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg. The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and … Read More “Using Legitimate GitHub URLs for Malware” »
Category: malware
Auto Added by WPeMatico
Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global internet depends on countless obscure pieces … Read More “Backdoor in XZ Utils That Almost Happened” »
The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica: Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the … Read More “xz Utils Backdoor” »
This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN: The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password authentication. … Read More “PIN-Stealing Android Malware” »
Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today. Powered by WPeMatico
Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Andrew Appel explains why it’s a bad idea: Last year, I published a 5-part series about Switzerland’s e-voting system. Like any internet voting system, it has … Read More “Security Vulnerability of Switzerland’s E-Voting System” »
Malicious ads are creeping into chatbots. Powered by WPeMatico
Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device. The mvt-ios utility produces a sorted … Read More “Operation Triangulation: Zero-Click iPhone Malware” »
Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” The headline says that the FBI “sabotaged” the malware, which seems to be wrong. … Read More “FBI Disables Russian Malware” »
Another nation-state malware, Russian in origin: In the early stages of the war in Ukraine in 2022, PIPEDREAM, a known malware was quietly on the brink of wiping out a handful of critical U.S. electric and liquid natural gas sites. PIPEDREAM is an attack toolkit with unmatched and unprecedented capabilities developed for use against industrial … Read More “PIPEDREAM Malware against Industrial Control Systems” »