July 2023

STARK#MULE Targets Koreans with U.S. Military-themed Document Lures 28/07/2023 at 16:05 By An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARK#MULE. “Based on the source and likely […]

React to this headline:

A Data Exfiltration Attack Scenario: The Porsche Experience 28/07/2023 at 15:32 By As part of Checkmarx’s mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy (Disclosure Policy)[1], it was considered in scope for our research, so

React to this headline:

Hackers Abusing Windows Search Feature to Install Remote Access Trojans 28/07/2023 at 15:32 By A legitimate Windows search feature is being exploited by malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT. The novel attack technique, per Trellix, takes advantage of

React to this headline:

OctoX is a radical Rust implementation of a very old OS for RISC-V 28/07/2023 at 14:34 By Liam Proven There’s still life in the wider Version 6 Unix family – and 9front too Not only are various editions of Version 6 UNIX, often known as V6 for short, still being maintained – but new ones

React to this headline:

Microsoft places huge cap-ex bets on datacenters for cloud and AI 28/07/2023 at 13:18 By Paul Kunert CFO says paying customers expected to flood in from 2024 Microsoft is betting big on generative AI by spending many billions of dollars more on building datacenter capacity in anticipation of a rapid uptick in demand from paying

React to this headline:

BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities 28/07/2023 at 12:47 By The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services

React to this headline:

Infineon to offer recyclable circuit boards that dissolve in water 28/07/2023 at 11:33 By Dan Robinson Phasing out epoxy resin laminate with biodegradable substrate might be costly, though Infineon Technologies will using recyclable printed circuit boards (PCBs) based on a material developed by a UK startup in upcoming demo boards.… This article is an excerpt

React to this headline:

On the record: Apple bags patent for iDevice to play LPs 28/07/2023 at 09:18 By Brandon Vigliarolo From Norman Cook to Tim Cook A patent granted to Apple this week suggests the iGiant is, if not actively working on, at least entertaining the thought of introducing some modular hardware into its lineup – including, bizarrely,

React to this headline:

Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required 28/07/2023 at 09:03 By Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an “extremely severe” flaw that could result in pre-authenticated remote code execution on affected

React to this headline:

Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches 28/07/2023 at 09:03 By Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs

React to this headline: