Daily Cyber Brief

Air-gapped PCs vulnerable to data theft via power supply radiation, hackers earn nearly 1 Million Dollars for 63 zero-days, and Australia arrests 'Pig Butchering' suspects for stealing $100 Million...

Cybersecurity

Air-gapped PCs vulnerable to data theft via power supply radiation

A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems, which are isolated from the internet, over a distance of at least two meters (6.5 ft), where it's captured by a receiver. The information emanating from the isolated…

Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto

Pwn2Own Toronto 2022 has ended with competitors earning $989,750 for 63 zero-day exploits (and multiple bug collisions) targeting consumer products between December 6th and December 9th. During this hacking competition, 26 teams and security researchers have…

Australia arrests 'Pig Butchering' suspects for stealing $100 million

The Australian Federal Police (AFP) have arrested four suspected members of a financial investment scam syndicate estimated to have stolen $100 million from victims worldwide. All four arrested individuals are Chinese nationals living in Sydney. The AFP began…

TikTok Banned on Govt. Devices; Will Private Sector Follow Suit?

Texas this week become the fifth US state to ban the TikTok app on government-owned devices over concerns about the social media app harvesting sensitive data from user devices and potentially making it available to the Chinese government. The question now is whether…

Legit Android apps poisoned by sticky 'Zombinder' malware

Threat researchers have discovered an obfuscation platform that attaches malware to legitimate Android applications to lure users to install the malicious payload and make it difficult for security tools to detect. Analysts with cybersecurity vendor ThreatFabric found…

Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware

Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800 and 8800 Series firmware that could be potentially exploited by a remote attacker to cause remote code execution or a denial-of-service (DoS) condition. The networking…

Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe. The attacks targeting law firms throughout 2020 and 2021 involved a revamped…

This ransomware gang is a right Royal pain in the AES for healthcare orgs

Newish ransomware gang Royal has been spotted targeting the healthcare sector, the US Department of Health and Human Services (HHS) has said. The crew emerged this year, and follows the standard double extortionware playbook: it steals data from infected networks…

Iran-Backed MuddyWater's Latest Campaign Abuses Syncro Admin Tool

Iranian-backed threat group MuddyWater has switched up its tactics — it's now using remote administration tool Syncro to take over target devices. Syncro is a full-featured remote access platform for managed service provider operations. The tool even offers a free 21-day trial…

Truebot Malware Activity Increases With Possible Evil Corp Connections

Threat group Silence has been spotted infecting an increasing number of devices using Truebot malware. The findings come from Cisco Talos researchers, who have also suggested a connection between Silence and the infamous hacking group Evil Corp (tracked by Cisco…

Daily Cyber Brief

Air-gapped PCs vulnerable to data theft via power supply radiation, hackers earn nearly 1 Million Dollars for 63 zero-days, and Australia arrests 'Pig Butchering' suspects for stealing $100 Million...

Cybersecurity

Join the conversation

Overt Operator