You can call a kitty with a “pspspsps,” but you might be able to call Advanced Persistent Threat (APT) group 42, otherwise known as “Charming Kitten,” with a “pspspsps aux.” All jokes aside, this group, also known as TA453, now targets nuclear security and foreign policy experts to gather intelligence.
Earlier this...Read more...
iRobot’s automated Roomba vacuum cleaners have been navigating households for many years using infrared sensors. However, the company has equipped some of its more recent Roomba models with visible light cameras. As it turns out, these cameras can capture images of people in compromising positions, and these images...Read more...
The cuteness of kittens is widely recognized and appreciated on the internet, but there’s nothing cute about the Iranian Advanced Persistent Threat (APT) known as “Charming Kitten.” Also known as TA453 or APT42, this threat group has been conducting cyber espionage at the behest of the Iranian regime since at least...Read more...
Two iOS developers used a jailbroken iPhone to decrypt and analyze network traffic between the device and Apple. What the developers found is that many of Apple’s own apps frequently send detailed user behavior data along with unique device identifiers back to Apple even when analytics sharing, personalized ads, and...Read more...
Yesterday evening, iPhone users may have been surprised to see multiple push notifications from Apple News containing a racist slur and other obscene language. The notifications were triggered by Fast Company’s Apple News account, prompting Apple News to disable the publication’s news channel. As it turns out, a...Read more...
Successful hacking involves more than just gaining unauthorized access to a system. Once inside, malicious actors like to cover their tracks not only to prevent getting caught, but also to maximize how much data they can extract. To this end, the Iranian-backed hacker group known as Charming Kitten has been discovered...Read more...
Yesterday, we reported on a data breach at Shields Health Care Group that resulted in the theft of personal information belong to 2 million Americans. Oftentimes, data stolen in breaches like this end up on online forums or marketplaces where cybercriminals buy and sell these ill-gotten gains. Lately, US law...Read more...
On April 1st, security researchers discovered a new Android-based spyware contacting infrastructure owned by a Russian-based threat group called Turla. Once installed, this malware can lurk on a device, collecting information and audio recordings while making money for Turla in a rather peculiar way.
The malware...Read more...
Two days ago, we reported that the London police arrested seven individuals between the ages of 16 and 21 years old in connection with an investigation into notorious hacking group LAPSUS$. While it is unclear if the police nabbed the group's ringleader in the arrests, it is clear that the operational security (or...Read more...
Intel today has extended its vPro platform into its 12th Gen mobile and desktop CPU lineup based on Alder Lake, and with the expansion comes some new features and additional segmentation for different size businesses and enterprise clients. As it pertains to the latter, Intel added a couple of new tiers, including...Read more...
When folks talk about major security flaws like the Log4shell exploit in Log4j, or the Eternal Silence UPnP exploit, everyone tends to panic until they're resolved. That's because those bugs are remotely exploitable, meaning that they can be used to attack a system over the internet without placing the attacker in...Read more...
Intel has published its 2021 Product Security Report and in it the company suggests its processors are far less buggy than AMD's chips. The key section is on page 28 where Intel highlights having reported 16 CPU vulnerabilities last year, whereas AMD reported 31 CPU vulnerabilities in the same time period. What can we...Read more...
If you fancy yourself an elite hacker, there could be an Intel event in your future. The chip maker announced it is expanding its bug bounty program with Project Circuit Breaker, which will provide capable hackers with opportunities to win prizes and swag by hunting for bugs in firmware, hypervisors, GPUs, chipsets...Read more...
While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg, IKEA is trying to quell an ongoing cyberattack within its infrastructure. On Friday, it was discovered that cybercriminals were targeting IKEA employees with internal phishing attacks, using stolen reply-chain emails.
Reply-chain email...Read more...
Nearly eight and a half years ago, Intel launched its 4th Generation Intel Core Processors, codenamed Haswell. In that time, researchers have discovered a number of security vulnerabilities that can typically be addressed via software and firmware updates. Unfortunately, Intel must ad one more to the list that...Read more...
If you were a threat actor, what better way to get a payload onto someone’s device than through a program that nearly everyone has installed like Google Chrome? Unfortunately, this appears to be what is happening with the Infostealer malware, masquerading as a legitimate update to the popular web browser from Google...Read more...
Earlier this year, one of the largest insurance providers in the U.S. was hit by a ransomware attack that managed to cripple its network and exfiltrate data. According to people familiar with the situation, CNA Financial Corp. out of Chicago, Illinois, paid $40 million to wrest control of its network back in...Read more...
Cyber-attacks have seemingly ramped-up in the last few weeks, like the Colonial Pipeline ransomware incident that netted a cool $5 million for the criminal attackers. Now, cyber-thugs have crippled the Irish Health Service Executive's (HSE) computer systems in what could be "the most significant cybercrime attack on...Read more...
At the start of May, researchers at the University of Virginia announced that current Spectre chip vulnerability mitigations could be bypassed entirely, bringing the ghostly security flaw back to life. Intel has now officially responded by claiming that software coded following its specific security guidance protects...Read more...
Today, Intel signed an agreement with the Defense Advanced Research Projects Agency (DARPA) to "perform in its Data Protection in Virtual Environments (DPRIVE) program." This means that the company will now be working on fully homomorphic encryption, dubbed the "holy grail" of cybersecurity or "the final frontier' in...Read more...
We are two days removed from this month's Patch Tuesday update, and if you are experiencing the odd blue screen of death (BSOD) error, applying the latest cumulative update could be the cure. Among the things it addresses, this month's Patch Tuesday update includes a fix for a weird bug that hackers could exploit to...Read more...
Over the years, lawmakers and law enforcement worldwide have been pushing for backdoors and to eliminate end-to-end encryption in devices. According to security and cryptographic research, however, law enforcement and governments can already access locked smartphones through various tools and tricks. This is mainly...Read more...