Cyber News

Workshop on Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software

1 month 2 weeks hence
On September 14-15, 2021, NIST will host a virtual public workshop on challenges and practical approaches to initiating cybersecurity labeling efforts for Internet of Things (IoT) devices and consumer software.  The workshop will help NIST to carry out an Executive Order (EO) on Improving the Nation’s Cybersecurity. The agenda for the workshop will include facilitated panel discussions and presentations based on consumer software labeling position papers submitted to NIST and on preliminary feedback on potential IoT baseline security criteria to be shared by NIST in August. According to the EO
Crissy Robinson

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

10 hours 57 minutes ago
A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems. Attributing the intrusions to a threat actor named PKPLUG (aka Mustang Panda and HoneyMyte), Palo Alto Networks' Unit 42 threat intelligence team
Ravie Lakshmanan

UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild

10 hours 27 minutes ago
An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021. Italy's CERT-AGID, in late January, disclosed details about Oscorp, a mobile malware developed to attack multiple financial targets with the goal of stealing
Ravie Lakshmanan

Hackers Turning to 'Exotic' Programming Languages for Malware Development

11 hours ago
Threat actors are increasingly shifting to "exotic" programming languages such as Go, Rust, Nim, and Dlang that can better circumvent conventional security protections, evade analysis, and hamper reverse engineering efforts. "Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies," said Eric Milam, Vice President of
Ravie Lakshmanan

IoT Devices & Software | NIST Workshop + Call for Papers on Cybersecurity Labeling Programs for Consumers

11 hours 21 minutes ago
NIST is seeking suggestions and feedback on challenges and practical approaches to initiating cybersecurity labeling efforts for Internet of Things (IoT) devices and consumer software. The information received will help NIST carry out one of its multiple assignments included in a May 12, 2021 Executive Order (EO) on Improving the Nation’s Cybersecurity. We need your help! You are invited to respond to a call for papers, comment on a forthcoming draft white paper, and participate in our workshop on September 14-15, 2021. More about the call for papers: NIST is now requesting one- to two-page
Thelma A. Allen

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

10 hours 59 minutes ago
An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign. Enterprise security firm Proofpoint attributed the covert operation to a state-aligned threat actor it tracks as TA456, and by the wider
Ravie Lakshmanan

De-anonymization Story

12 hours 17 minutes ago

This is important:

Monsignor Jeffrey Burrill was general secretary of the US Conference of Catholic Bishops (USCCB), effectively the highest-ranking priest in the US who is not a bishop, before records of Grindr usage obtained from data brokers was correlated with his apartment, place of work, vacation home, family members’ addresses, and more.

[…]

The data that resulted in Burrill’s ouster was reportedly obtained through legal means. Mobile carriers sold­ — and still sell — ­location data to brokers who aggregate it and sell it to a range of buyers, including advertisers, ...

Bruce Schneier

XCSSET Malware Witnesses Gradual Updates

12 hours 5 minutes ago
An ongoing XCSSET campaign has been observed with some upgrades in its features. However, the recent report about the XCSSET malware does not indicate any major changes in the malware’s core capabilities. These changes correspond to a gradual fine-tuning of its tactics.

LemonDuck: Enhancing its Capabilities Across Windows and Linux

11 hours 36 minutes ago
Microsoft warned against a cryptominer threat named LemonDuck, which is targeting both Windows and Linux systems. Earlier this year, the LemonDuck gang had shifted its tactics in the later stage of its attack to manual hacking. The recent upgrades in this cross-platform threat indicate that its developers are determined to make a dent in the current threat landscape.

FBI tracking more than 100 active ransomware groups

12 hours 51 minutes ago
Tracking the cybercriminals behind ransomware is a difficult task. The hackers who write and maintain ransomware are often different from those who deploy it, with the two parties sharing the profits.