Daily Cyber Brief
GitHub repositories deliver fake PoC exploits with malware, Iran's Nuclear Agency Email server hacked, and Android apps with adware downloaded over 20 million times...

Cybersecurity
Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. GitHub is one of the largest code hosting…
Iran's Atomic Energy Organisation said Sunday an email server of its subsidiary was hacked in a "foreign" attack aimed at drawing "attention" amid protests over the death of Mahsa Amini. The Islamic republic has been gripped by weeks-long demonstrations sparked by the…
A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. Typosquatting is an old method of tricking people into visiting a fake…
Security researchers at McAfee have discovered a set of 16 malicious clicker apps that managed to sneak into Google Play, the official app store for Android. Clicker apps are a special category of adware that loads ads in invisible frames or in the background and clicks…
A new Windows zero-day allows threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-Web security warnings. Threat actors have already been seen using the zero-day bug in ransomware attacks. Windows includes a security feature called Mark-of-the-Web…
From the warning banner ‘Be afraid and expect the worst’ that was shown on several Ukrainian government websites on January 13, 2022, after a cyber-attack took them down, the US National Security Agency’s (NSA) cybersecurity director, Rob Joyce, knew that something…
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. "This misconfiguration resulted in the potential for…
The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems. In an attack chain detected by Trustwave SpiderLabs researchers…
As a hybrid offline and online war rages on in Ukraine, Viktor Zhora, who leads the country's cybersecurity agency, has had a front-row seat to it all. Zhora is the deputy chairman and chief digital transformation officer at Ukraine's state service of special communication…
The Text4Shell vulnerability, tracked under CVE-2022-42889, started drawing potentially malicious activity this week. Researchers at Wordfence issued a threat advisory urging security teams to update their Apache Commons Text library to the patched version…