Spyware masquerading as modified versions of Telegram has been spotted in the Google Play Store, designed to harvest sensitive information from compromised Android devices.
According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server.
The activity has been codenamed Evil Telegram by the Russian cybersecurity company.
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad.
"The attackers managed to steal credentials and compromise multiple computers on the organization's network," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News. "The attack is the latest in a series of espionage intrusions against [critical national infrastructure] targets."
ShadowPad, also known as PoisonPlug, is a follow-up to the PlugX remote access trojan and is a modular implant capable of loading additional plugins dynamically from a remote server as required to harvest sensitive data from breached networks.
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
CVE-2023-41064 is a remote code execution flaw that is exploited by sending maliciously crafted images via iMessage.
As reported by Citizen Lab earlier this month, CVE-2023-41064 and a second flaw tracked as CVE-2023-41061 were used as a zero-click attack chain dubbed BLASTPASS, which involves sending specially crafted images in iMessage PassKit attachments to install spyware.
When the phones received and processed the attachment, it installed NSO's Pegasus spyware, even on fully patched iOS (16.6) devices.
Apple released fixes for the two flaws with macOS Ventura 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2, and CISA published an alert requiring federal agencies to patch by October 2, 2023.
Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks.
Even though additional information on the attacks is yet to be disclosed, the zero-day is known to affect both Windows and macOS systems.
"Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader," the company said in a security advisory published today.
The critical security flaw is tracked as CVE-2023-26369 and can let attackers gain code execution after successfully exploiting an out-of-bounds write weakness.
While threat actors can exploit it in low-complexity attacks without requiring privileges, the flaw can only be exploited by local attackers, and it also requires user interaction, according to its CVSS v3.1 score.
CVE-2023-26369 was classified by Adobe with a maximum priority rating, with the company strongly advising administrators to install the update as soon as possible...
Google released emergency security updates to fix the fourth Chrome zero-day vulnerability exploited in attacks since the start of the year.
"Google is aware that an exploit for CVE-2023-4863 exists in the wild," the company revealed in a security advisory published on Monday.
The new version is currently rolling out to users in the Stable and Extended stable channels, and it's estimated that it will reach the entire user base over the coming days or weeks.
Chrome users are advised to upgrade their web browser to version 116.0.5845.187 (Mac and Linux) and 116.0.5845.187/.188 (Windows) as soon as possible, as it patches the CVE-2023-4863 vulnerability on Windows, Mac, and Linux systems.
A prominent gun safe manufacturing company now faces massive backlash because it provided the Federal Bureau of Investigation (FBI) with the password to a customer's safe at the law enforcement agency's request.
The United States should take extra caution to avoid complicity in what is possibly an ongoing "genocide intent" against 120,000 Armenians living in Nagorno-Karabakh, experts warned the Tom Lantos Human Rights Commission, a bipartisan congressional human rights group.
The local government body of Birmingham, the U.K.'s second-largest city, effectively declared bankruptcy on Sept. 5 because it no longer has enough money to pay the £760 million ($954 million) equal pay claims it owes to female government employees who were paid less than men in the past.
Hundreds of gun owners took to the streets of Albuquerque over the weekend to openly carry their firearms in defiance of the state’s Democrat governor, Michelle Lujan Grisham, who unilaterally decided to suspend laws allowing open and concealed carry in the area.
The Central Intelligence Agency offered to pay off analysts in order to bury their findings that COVID-19 most likely leaked from a lab in Wuhan, China, new whistleblower testimony to Congress alleges.
A senior-level CIA officer told House committee leaders that his agency tried to pay off six analysts who found SARS-CoV-2 likely originated in a Wuhan lab if they changed their position and said the virus jumped from animals to humans, according to a letter sent Tuesday to CIA Director William Burns.
Select Subcommittee on the Coronavirus Pandemic Chairman Brad Wenstrup (R-Ohio) and Permanent Select Committee on Intelligence Chairman Mike Turner (R-Ohio) requested all documents, communications and pay info from the CIA’s COVID Discovery Team by Sept. 26.
“According to the whistleblower, at the end of its review, six of the seven members of the Team believed the intelligence and science were sufficient to make a low confidence assessment that COVID-19 originated from a laboratory in Wuhan, China,” the House panel chairmen wrote.
Nike announced the permanent closure of its factory store in northeast Portland, Oregon, on Friday due to ongoing “theft and safety issues” after nearly 40 years of business on the city’s northeast side, according to a non-profit that supports economic and business development in the neighborhood.
The White House appeared to blow off criticisms after President Joe Biden became the first sitting U.S. President to not make an appearance at any of the official memorial sites on September 11: Ground Zero in New York City, the Pentagon Memorial in Arlington, Virginia, and Shanksville, Pennsylvania — the place where passengers brought down hijacked United Flight 93.
Georgia Governor Brian Kemp took aim at former President Donald Trump over the weekend for recent remarks that he made about “COVID tyrant[s],” noting that the former president opposed him back in April 2020 for reopening his state early.
California lawmakers passed a bill last week that prevents public school boards from banning gender and race-related books and educational material, and Governor Gavin Newsom is expected to sign it into law within the next month.
Virginia Democrats and Loudoun County’s George Soros-backed prosecutor are lashing out at Gov. Glenn Youngkin (R-VA) over his Sunday pardon of Scott Smith, whose daughter was raped in school and who the prosecutor, Buta Biberaj, personally sought to put in jail.