News

Apple Patches Actively Exploited iOS, macOS Zero-Days

Apple on Thursday pushed out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild. The vulnerabilities, fixed in the latest iOS 16.6.1 and macOS Ventura 13.5.2 releases, are credited to the Citizen Lab at The University of Toronto’s Munk School, suggesting exploitation in commercial surveillance spyware products. The Citizen Lab at The University of Toronto’s Munk School actively tracks PSOAs (private sector…

Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes

Microsoft has published a post-mortem detailing multiple errors that led to Chinese cyberspies hacking into US government emails, blaming the embarrassing incident on a crash dump stolen from a hacked engineer’s corporate account. The crash dump, which dated back to April 2021, contained a Microsoft account (MSA) consumer key that was used to forge tokens to break into OWA and Outlook.com accounts. “Our investigation found that a consumer signing system crash in April of 2021…

CISA Hires ‘Mudge’ to Work on Security-by-Design Principles

The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent voices preaching the gospel of security-by-design and secure-by-default development principles. Zatko, most recently the CISO at Twitter who blew the whistle on the social media giant’s security shortcomings, is joining the agency in a part-time capacity to work on the “security and resilience by design” pillar of the Biden administration’s National Cybersecurity Strategy. A statement…

Exploit Code Published for Critical-Severity VMware Security Defect

Just days after shipping a major security update to correct vulnerabilities in its Aria Operations for Networks product line, VMware is warning that exploit code has been published online. In an updated advisory, the virtualization technology giant confirmed the public release of exploit code that provides a roadmap for hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface. The exploit code and root-cause analysis, released by SinSinology…

In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Free Decryptor Available for ‘Key Group’ Ransomware

Cyber intelligence firm EclecticIQ on Thursday announced the release of a free decryption tool to help victims of the Key Group ransomware recover their data without having to pay a ransom. Also known as keygroup777, Key Group is a Russian-speaking cybercrime actor known for selling personally identifiable information (PII) and access to compromised devices, as well as extorting victims for money. The group has been observed using private Telegram channels to communicate with members and…

Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy

Elon Musk said Thursday that his social network X, formerly known as Twitter, will give users the ability to make voice and video calls on the platform. Musk, who has a history of making proclamations about coming features and policies that have not always come to fruition, did not say when the features would be available to users. The company also updated its privacy policies that will allow for the collection of biometric data and…

Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

The US Department of Energy on Wednesday announced a competition that can help smaller electric utilities obtain funding and technical assistance for improving their cybersecurity posture. The competition, named the Advanced Cybersecurity Technology (ACT) 1 Prize Competition, is part of the Biden administration’s Rural and Municipal Utility Cybersecurity (RMUC) Program, which has set aside $250 million over a five-year period for enhancing cybersecurity at cooperative, municipal and small investor-owned electric utilities. For the ACT 1…

‘Earth Estries’ Cyberespionage Group Targets Government, Tech Sectors

A cyberespionage group possibly linked to China has targeted government-related organizations and technology companies in various parts of the world. Trend Micro, which tracks it as Earth Estries, says the group has been around since at least 2020. While the cybersecurity firm has not directly attributed Earth Estries to any particular country, it did point out that there are some overlaps in tactics, techniques and procedures (TTPs) with an APT named FamousSparrow. FamousSparrow, which in…

New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

A newly identified Android trojan targeting users in Southeast Asia is allowing attackers to control devices remotely and perform bank fraud, Trend Micro reports. Dubbed MMRat and active since June, the malware can capture user input and take screenshots, and uses a customized command-and-control (C&C) protocol based on Protobuf, which improves its performance when transferring large amounts of data. The malware has been distributed via websites masquerading as official application stores, and which were tailored…
