From The Blog
-
Minecraft Mods stuffed with Malware Used to Target Windows and Linux
Written by Sean KalinichAs we hear more about Supply Chain attacks and the need for Software Build of Materials we are now hearing of an attack on the…Written on Wednesday, 07 June 2023 15:24 in News Read 203 times Read more...
-
Sextortionists Get a Boost from AI and Publicly Available Images
Written by Sean KalinichAs if the internet needed something else bad floating around it seems that groups that engage in extortion schemes involving the threat of releasing images…Written on Wednesday, 07 June 2023 14:24 in News Read 174 times Read more...
-
New PowerShell Malware Dubbed PowerDrop used to Target US Aerospace Industry
Written by Sean KalinichIt is Wednesday, so it is about time to talk about a new strain of malware. In this case one that leverages Microsoft’s PowerShell to…Written on Wednesday, 07 June 2023 13:31 in News Read 135 times Read more...
-
More Ransomware as a Service Fun as Cyclops Gang Now Offers Value Add Information Stealer
Written by Sean KalinichAnyone that does not think that cybercrime is now a bug business has been living under a rock. The news related to different cybercrime-as-a-service groups,…Written on Tuesday, 06 June 2023 15:08 in News Read 430 times Read more...
-
Why SBOM is in the News and Why it is Important
Written by Sean KalinichSince Executive Order 14028 came out on May 12th from the Biden Administration there has been a lot of talk about what it means and…Written on Tuesday, 06 June 2023 11:43 in Security Talk Read 91 times Read more...
-
Attackers Drop Card Stealing Scripts into Legitimate eCommerce Sites
Written by Sean KalinichSo, there you are, you have found the one thing in all the internet that will make your object drive life complete. You put the…Written on Monday, 05 June 2023 15:10 in News Read 841 times Read more...
-
MOVEit Transfer Zero Day gets added to the KEV and a Cool New Web Shell
Written by Sean KalinichSpring, the time of renewal, the time when nature wakes up. It is also a time when Zero-Day flaws hit the web. This year has…Written on Monday, 05 June 2023 11:12 in News Read 282 times Read more...
-
Google’s Verification Feature in Gmail already Abused by Scammers and Phishers
Written by Sean KalinichThe news that a feature in Gmail that shows a verification check mark for a sender is being abused by attackers should come as a…Written on Monday, 05 June 2023 10:20 in News Read 381 times Read more...
-
New APT Group targeting iOS Users with Zero-Click Malware, US gets the Blame
Written by Sean KalinichThere is a new bit of malware targeting iOS users via iMessage from what appears to be a new APT (Advanced Persistent Threat) group. The…Written on Friday, 02 June 2023 14:46 in News Read 380 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 115115 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 84229 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 78426 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 77785 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 67367 times Read more...
Microsoft Announces AI Run Moderation System to Prevent “harmful” Content
Written by Sean Kalinich
With some of the news around AI I feel like I should just create a “what could go wrong” series of articles. After all, as we see the term “AI” pushed around as the savior for all the things, we should be aware of the fact that things could go horribly wrong with any of these systems. So, it is with that in mind that we bring you news that Microsoft is now offering an AI content moderation system called Azure AI Content Safety. I mean having a system that was taught what is harmful content to control speech in online platforms… what could possibly go wrong?
China Targets US Based Micron with a Sales Ban Citing National Security Concerns
Written by Sean Kalinich
In what seems to be a tit-for-tat move, Chin has announced a ban on products from US chip maker, Micro. The reasons for this are vague with the Cybersecurity Administration of China (CAC) saying it is for National Security reasons. This move comes after the US has banned a couple of technology companies from China for the same reasons and as social time-wasting platform TikTok comes under greater scrutiny in possible preparation of a nationwide ban on the platform. Montana has already signed a ban into law although this ban might not bear the scrutiny of a Constitutional Review.
Ransomware Group BlackCat Appears to be Developing a New Attack Using Signed Kernel Drivers
Written by Sean Kalinich
In the never-ending saga of Ransomware, the threat groups that deploy or leverage this tool for financial gain are always looking for a new method of installation and ways to avoid increasingly sophisticated security measures. Although most organizations might not be employing overly sophisticated security, the really good targets might be. Even the use of advanced MDR/XDR makes the exposure window smaller when it comes to many ransomware attacks.
As System Shock Remake is Underway New Look at the System Shock 2 Enhanced Edition Pips up
Written by Sean Kalinich
Long, long ago in a development studio far away there was a concept for a game where the protagonist was something more than just another boss to beat. In 1994 LookingGlass studios launched the game System Shock. It was a 1st person shooter game where you take the role of a “hacker” onboard a space station in 2072. Your nemesis, a malevolent AI called SHODAN. The game was a critical success although it lost money for LookingGlass. System Shock also changed the genre of first-person shooters with its innovative style, story line and, of course, SHODAN.
ByteDance’s TikTok Video Editor/Maker CapCut Being Impersonated to Spread Malware
Written by Sean Kalinich
Video editing software CapCut users are being targeted by attackers to push different strains of malware. For those that are not aware of that CapCut is, it is a video editor and maker for TikTok and is the official one at that (ByteDance also owns TikTok). With over 500 million downloads from Google Play alone it is clearly a very popular app for people to grab to feed their TikTok streams with. It was only a matter of time before someone decided to go after the poplar app and with the growing number of bans and lock outs for ByteDance and their services, offering what appears to be an alternative way to get this software makes sense (from an attacker perspective).
Samsung Discloses Medium Vulnerability Exploited in the Wild First Identified in January 2023
Written by Sean Kalinich
First identified in January of 2023, Samsung has put a warning about a CVSS 4.4 vulnerability (CVE-2023-21492) that Is actively being exploited in the wild. The flaw, which impacts Samsung devices that are running Android 11, 12, and 13, was first disclosed to Samsung privately on January 17th, 2023. CISA (Cybersecurity and Infrastructure Security Agency) has also issued a warning about the flaw.
PyPI Stops New Users and Uploads to Deal with Malicious User Increase
Written by Sean Kalinich
PyPI (the Python Package Index) has stopped allowing the creation of new accounts and the upload of new packages. This move has been put in place to deal with a massive increase in identified malicious users and packages. This decision comes as other repositories like NPM and even Microsoft VSCode have identified new malware posing as well-known projects. Supply chain attacks and typo-squatting are not really a new thing and increases in attacks on repositories often happen on a fairly regular basis. However, the increase across three popular repos can been seen as a larger threat when put in context of the general IT market.
Work from Home Under Attack as Companies Seek to Offset the Cost of Workspaces
Written by Sean Kalinich
A couple of accountants came up the laneway the other day… No this is not a “Letterkenny” episode, but the cold intro style was spot to me for this one. It seems that in the pre-covid world many companies were in the process of buying up or moving to beautiful new office spaces. Some of these spaces had glorious open areas, beautiful break rooms and, of course, space for all. Then Covid hit and the lock downs. This forced those same companies to abandon those spaces and work like crazy to get everyone to work from home. Now the bill on those same spaces has come due and companies are calling everyone home.
Millions of Android Devices Loaded with Malware Infected OEM Images.
Written by Sean Kalinich
TrendMicro made a shocking revelation at Black Hat Asia 2023 where they disclosed an operation that has been running since 2018 targeting Android devices. The scheme was uncovered in 2021 while researchers at TrendMicro were looking into SMS PVA (Phone Verified Accounts) mobile bot net. They identified that the botnet had been helped along by a supply chain attack targeting the image used by OEM to rapidly deploy the OS onto the devices.
Apple Pushes Out Patches for Three Zero-Day Vulnerabilities Exploited in the Wild
Written by Sean Kalinich
Apple has rushed to release patches for CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373 all of which are in the WebKit Browser engine and across all Apple platforms (IOS, IpadOS and macOS). These three flaws have also been seen to be actively exploited in the wild. This increases the significance of them and should be remediated as soon as possible by applying any available patches.
More...
Apple Launches ChatGPT app Wile Banning it from Use by Employees
Written by Sean Kalinich
After learning that there were malicious ads containing links to ChatGPT apps (for Windows), Apple launched a legitimate app for IOS. The app brings the very popular LLM to Apple users at a time when some are becoming more hesitant about its use. It has not been that long since Samsung accidentally leaked confidential information via the platform. This prompted both Microsoft (a heavy investor) and OpenAI themselves to start work on private environments where data put into the model is not used to train it.
Well Crap, New Flaw in KeePass Allows Attackers to Recover Master Password via Memory Dump
Written by Sean Kalinich
KeePass has a bit of a memory issue. It seems that the master password is passed in clear text through memory. This tiny little (sarcasm) bug was identified by a security researcher who goes by the name as vdohney. A proof of concept (POC) has already been published which usually leads to in-the-wild exploitation of the flaw (tracked as CVE-2023-32784). Oh, and if you did not know KeePass is a password manager/vault.
More Repo Issues as Malware Found in NPM Node.js Packages
Written by Sean Kalinich
Popular open-source repository NPM is back in the news as a pair of packages were found to have malware in them. The malware in question is TurkoRat. TurkoRat is an open-source information stealer that has a few features attached to it. Among some of the components are things like a wallet grabber (wallets.js) which seems geared towards stealing crypto currency. Other components are ones you would expect from an InforStealer like credential theft etc. The package was found by ReversingLabs after it had been in place for two months.
Apple Rolling out a Feature that Lets Your iPhone Sound Just Like You, What Could Go Wrong
Written by Sean Kalinich
I’ll take stupid features for $500 Alex. It seems that Apple is looking to deploy a feature that would allow your phone to sound and reply just like you do. The feature called “Personal Voice” uses a form of AI to replicate the sound and speech pattern of your voice in as little as 15 minutes (queue GEICO joke here). The feature is part of an update to their built-in accessibility features toolkit and on the surface is intended to help people that have speech challenges. Personal Voice can be used for in-person conversations and via phone calls. This feature will be tied to something called Live Speech which allows someone to type in messages and have them spoken by your phone.