Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Threats

We often talk about the perils of downloading pirated versions of games, since they may harbor malware. But they aren't the only threat. Nasty surprises can pop up in free-to-play games, too, which is what happened just recently with Super Mario 3: Mario Forever. But first things first…

Malware in free-to-play Super Mario 3: Mario Forever

The Super Mario series (aka Super Mario Bros. or simply Mario) is one of the best-loved gaming universes. In its 38 years of existence there've been 24 original games in the main series alone, not to mention dozens of remakes and remasters. Besides that, there are seven spin-off series adding scores of games to the Mario universe. That said, they do all have one thing in common: all of these games, save for the rarest of exceptions, were officially released solely on Nintendo's own platforms.

So what do you do if you want to play Mario on your computer? You have to download either a PC port or a so-called fangame. Bear in mind, however, that neither option is official or available for download on Nintendo's own website. Therefore, the search can often lead down some dark corridors, where enterprising-yet-dodgy types might slip you something malicious instead of a game. Something like this just happened with the free game Super Mario 3: Mario Forever, created by fans. Experts found versions of the game that infected the victim's computer with several kinds of malware all at once.

What's inside the infected Mario Forever

The attack chain is as follows: when the Mario Forever distribution kit is launched, the game gets installed on the computer, together with the SupremeBot mining client and a malicious Monero (XMR) miner. The mining client then installs another piece of malware on the computer: the Umbral stealer.

Umbral earns its crust by stealing almost any information of value that it can find on the victim's machine: browser-stored credentials, cryptowallet keys, as well as session tokens, which are small files by which a site or online service remembers you so there's no need to keep logging in (a bit like cookies). Umbral is particularly fond of hunting Discord, Telegram, Roblox and Minecraft tokens. Besides, the stealer can get webcam footage and screenshots from the infected computer. All in all, a particularly nasty piece of malware with wide-ranging functionality.

The result is a Pandora's box of troubles for victims of the infected Super Mario 3: Mario Forever. First, their computers become sluggish and consume more power than usual due to background mining. Second, they're at risk of account hijacking due to Umbral stealing their passwords. Third, and worst of all: if any cryptowallet private keys are stored on the computer, this threatens direct financial loss.

Gamer-attacking malware

In general, this problem is quite widespread. Pirated and free games from dubious sources are ideal territory for malicious miners. Gaming computers tend to be high-spec, especially the graphics card, which is what's needed for mining in the first place. This means they're far better suited to mining cryptocurrency behind the user's back than some boringly slow office machine. Detecting a hidden miner on your own is quite a hard job, one that requires a good antivirus.

Incidentally, the above-mentioned Roblox and Minecraft, for which Umbral likes to steal account session tokens, traditionally top the rankings of games most targeted by cybercriminals: from phishers to malware spreaders. Most recently, we wrote about how the Fractureiser stealer was distributed under the guise of Minecraft mods.

Protect yourself!

Finally, a few tips for gamers on how not to fall victim to cybercriminals:

Download games only from official sources. This is the only guaranteed way not to pick up something unpleasant.

If you're looking to save money on games, there are safer methods than downloading pirated copies from shady sites and torrents.

Don't fall for pie-in-the-sky promises. A long-awaited game will not be downloadable before its official release (not legally at least), while a non-existent version for your particular platform won't materialize through wishful thinking.

Be careful when downloading and installing mods, and especially cheats; the latter are best avoided entirely, of course.

To guard against stealers, try not to save passwords in your browser. Better to use a reliable password manager.

And be sure to have installed on your gaming machine a robust solution with a special gaming mode that keeps you safe during play with no irritating slowdown.

 News

The latest edition of the Transatlantic Cable Podcast begins with discussion around Android phones accidentally dialling emergency services in the U.K. From there, discussion moves to malware-laced malware games and law-makers in the U.S. share concerns around Alphabet's relaxing of fake-news policies. To wrap up the team look at discussions around A.I. and jobs: is a machine really going to swipe your job? If you like what you heard, please consider subscribing!

UK police report epidemic of Android false emergency calls
Malware-Laced Mario Fan Game Will Turn Your Computer Into an Unwitting Crypto Miner
Lawmakers slam YouTube for overturning policy banning election misinformation
The workers already replaced by artificial intelligence

 Companies to Watch

The new investment round was led by One Peak, with participation from Senovo and Presto Ventures. The company says it can help organizations address three main issues with network management — automation, complexity, and assurance.

 Security Tips and Advice

The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published a comprehensive set of guidelines aimed at defending Continuous Integration/Continuous Delivery (CI/CD) environments.

 Trends, Reports, Analysis

The volume of mobile malware, phishing sites dedicated to mobiles, and mobile vulnerabilities increased significantly in 2022, according to the Global Mobile Threat Report 2023 from Zimperium.

 Trends, Reports, Analysis

According to analysis in the Acronis Mid-Year Cyberthreats Report 2023, LockBit's known victims totaled 280 (49% of the total reviewed) and included the Housing Authority of the City of Los Angeles (HACLA), Aguas do Porto, and Wabtec Corporation.

 Innovation and Research

The Metior framework allows engineers and scientists to study various factors such as victim programs, attacker strategies, and obfuscation scheme configurations to determine the extent of information leakage.

 Laws, Policy, Regulations

Apple has joined the rapidly growing chorus of tech organizations calling on British lawmakers to revise the nation's Online Safety Bill – which for now is in the hands of the House of Lords – so that it safeguards strong end-to-end encryption.

 Trends, Reports, Analysis

The primary cause of cyberattacks against Japanese computer systems is the strength and quality of its manufacturing base. The size of Japanese manufacturers makes them an attractive target for criminal extortion.

 Feed

Red Hat Security Advisory 2023-3954-01 - This release of Red Hat Fuse 7.12 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, code execution, denial of service, information leakage, resource exhaustion, server-side request forgery, and traversal vulnerabilities.

 Feed

Ubuntu Security Notice 6194-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Xingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the Linux kernel did not properly handle locking when IOPOLL mode is being used. A local attacker could use this to cause a denial of service.

 Feed

Ubuntu Security Notice 6193-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.

 Feed

Ubuntu Security Notice 6192-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Xingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the Linux kernel did not properly handle locking when IOPOLL mode is being used. A local attacker could use this to cause a denial of service.

 Feed

Red Hat Security Advisory 2023-3947-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2023-3950-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

 Feed

Debian Linux Security Advisory 5441-1 - Two vulnerabilities were found in maradns, an open source domain name system (DNS) implementation, that may lead to denial of service and unintended domain name resolution.

 Feed

Ubuntu Security Notice 6191-1 - USN-6081-1, USN-6084-1, USN-6092-1 and USN-6095-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a spurious warning in the IPv6 subsystem. This update removes the undesired warning message.

 Feed

Red Hat Security Advisory 2023-3936-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2023-3932-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a bypass vulnerability.

 Feed

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

 Feed

Debian Linux Security Advisory 5440-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

 Feed

Red Hat Security Advisory 2023-3948-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2023-3946-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.

 Feed

MITRE has released its annual list of the Top 25 "most dangerous software weaknesses" for the year 2023. "These weaknesses lead to serious vulnerabilities in software," the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. "An attacker can often exploit these vulnerabilities to take control of an affected system, steal data, or prevent applications from working." The list is

 Feed

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were first reported by BBC Persian. Some of the other improvements include streamlined steps to simplify the

 Feed

An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer (P2P) proxy network, such as Peer2Profit or Honeygain," Akamai researcher Allen West said in a Thursday

 Feed

In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making. Employees using AI tools experience the advantages of quick answers and accurate results, enabling

 Feed

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security measures placed in the malware to make it more difficult to analyze and collect intelligence,"
