Security

Millions of home routers could be hacked by this simple bug

posted on August 10, 2021
by l33tdawg
Credit: Flickr

Cybersecurity researchers have shared details about threat actors actively exploiting a critical authentication bypass vulnerability in the Arcadyan firmware in routers to add them to the Mirai botnet.

The vulnerable devices include several routers from multiple vendors and ISPs, including Asus, British Telecom, Deutsche Telekom, Orange, O2 (Telefonica), Verizon, Vodafone, Telstra, and Telus.

Hackers reportedly threaten to leak data from Gigabyte ransomware attack

posted on August 10, 2021
by l33tdawg
Credit: The Verge

Gigabyte has been the victim of a cyberattack, which was reportedly the work of a ransomware outfit called RansomEXX. According to The Record, the attack didn’t have an impact on any of the company’s production systems, but it did affect some internal servers. Currently, some parts of Gigabyte’s website, including its support section, are down, giving customers issues when trying to access warranty repair information and updates.

“Glowworm attack” recovers audio from devices’ power LEDs

posted on August 10, 2021
by l33tdawg
Credit: Ars Technica

Researchers at Ben-Gurion University of the Negev have demonstrated a novel way to spy on electronic conversations. A new paper released today outlines a novel passive form of the TEMPEST attack called Glowworm, which converts minute fluctuations in the intensity of power LEDs on speakers and USB hubs back into the audio signals that caused those fluctuations.

Watch a Hacker Hijack a Capsule Hotel’s Lights, Fans, and Beds

posted on August 6, 2021
by l33tdawg
Credit: Wired

When staying in a “capsule hotel,” the Japanese style of budget accommodation that packs guests into tiny, adjoining rooms not much bigger than their bodies, be considerate of your neighbors. Especially if the capsule hotel you're staying in offers digital automation features—and a hacker is staying in the next room over.

Messaging Apps Have an Eavesdropping Problem

posted on August 6, 2021
by l33tdawg
Credit: Flickr

In early 2019, a bug in group FaceTime calls would have let attackers activate the microphone, and even the camera, of the iPhone they were calling and eavesdrop before the recipient did anything at all. The implications were so severe that Apple invoked a nuclear option, cutting off access to the group-calling feature entirely until the company could issue a fix. The vulnerability—and the fact that it required no taps or clicks at all on the part of the victim—captivated Natalie Silvanovich.

Hunting IcedID and unpacking automation with Qiling Framework

posted on July 28, 2021
by l33tdawg
Credit: VMware Blog

This new blog post is focused on how to be proactive and hunt for IcedID DLL components to extract network IOCs. It will involve a combination of Yara rules, the Qiling framework, and Python scripting.

Being a highly active threat, IcedID updates its packing technique regularly. This article focuses on what has been observed during the April – May 2021 timeframe. While the Yara introduced in this blog post may not be up to date for the latest samples at the time of publication, the overall hunting pipeline stays valid and can easily be tuned to tackle the latest threats.

Microsoft introduces new phishing protections in Teams

posted on July 28, 2021
by l33tdawg
Credit: Neowin

Microsoft Teams is becoming an integral part of the company's strategy when it comes to online collaboration and communication, both in personal and professional capacities. The Redmond firm regularly updates it with new features and is also providing deeper integration for the software in Windows 11. Now, it has introduced more protections against phishing in Microsoft Teams.

PunkSpider Tool Calls Out Thousands of Hackable Websites

posted on July 28, 2021
by l33tdawg
Credit: Wired

The web has long been a playground for hackers, offering up hundreds of millions of public-facing servers to comb through for basic vulnerabilities to exploit. Now one hacker tool is about to take that practice to its logical, extreme conclusion: Scanning every website in the world to find and then publicly release their exploitable flaws, all at the same time—and all in the name of making the web more secure.