Technology

Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of

Xiaomi Mix Fold 3, the successor to the Mix Fold 2, has been in rumours for some time now. The Chinese smartphone manufacturer is yet to reveal any details on the same, but recent reports and leaks have been giving insight on the expected specifications of the smartphone. The foldable is expected to launch sometime

Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack,” cloud security firm Aqua said in a report

Samsung Galaxy Tab S9 series is expected to make its debut soon. The series is expected to be unveiled at an upcoming Galaxy Unpacked event in the second half of the year. The series is most likely to include the base Galaxy Tab S9, the Galaxy Tab S9+, and the Galaxy Tab S9 Ultra tablets.

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a “software

Vivo Pad 2 has been launched in China in three colour variants and two RAM and storage configurations. The latest offering from the Chinese manufacturer is powered by a MediaTek Dimensity 9000 SoC paired with up to 12GB of RAM. It sports a 12.1-inch LCD display with a 2.8K resolution and 144Hz refresh rate. It

Apr 20, 2023Ravie LakshmananCloud Security / Vulnerability A chain of two critical flaws has been disclosed in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers. “The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers’ PostgreSQL

Poco F5 may launch soon in India. The handset recently appeared on benchmarking website including Geekbench suggesting its possible specifications, which could include Snapdragon 7+ Gen 2 SoC, 8GB RAM, and Android 13 operating system. Most recently, Poco India Head, Himanshu Tandon has hinted at its arrival in India. Tandon on Twitter described the upcoming handset with five

Apr 20, 2023Ravie LakshmananRansomware / Cyber Attack Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated

Vivo S17 series is reportedly in the works. The smartphone lineup could include three models — Vivo S17e, Vivo S17, and Vivo S17 Pro — and may debut in global markets as the Vivo V29 series. Now, a Chinese tipster has leaked the camera details of the upcoming Vivo S17 Pro. As per the leak,

Apr 19, 2023Ravie LakshmananCyber War / Cyber Attack Elite hackers associated with Russia’s military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google’s Threat Analysis Group (TAG), which is monitoring the activities of the actor under

Realme’s C55 got the world’s attention when it was first launched in Indonesia for being the first Android smartphone with a copy of Apple’s Dynamic Island feature. Realme has branded this software feature as “Mini Capsule”. Now, the company brought this budget smartphone to India, but it’s already clear that Mini Capsule is not the most interesting

Apr 19, 2023Ravie LakshmananLinux / Malware The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. “Poseidon is a second-stage payload malware associated with Transparent Tribe,” Uptycs security researcher Tejaswini Sandapolla said

Moto G Stylus (2023) could be inching towards its launch as a new set of renders, depicting the handset in two colourways, have leaked online. The renders indicate that the new Motorola phone will feature a hole-punch display design and include dual rear cameras, led by a 50-megapixel primary sensor. The Moto G Stylus (2023)

Apr 18, 2023Ravie LakshmananThreat Intelligence / Cyber Risk Cybersecurity researchers have detailed the inner workings of a highly evasive loader named “in2al5d p3in4er” (read: invalid printer) that’s used to deliver the Aurora information stealer malware. “The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique,”

Realme 11 series smartphones, comprising Realme 11 Pro and Realme 11 Pro+, are confirmed to be launching soon in China. The company has confirmed the same via a Weibo post. The smartphones have also been spotted on TENAA listing, which reveals some of their key details. Both Realme 11 Pro and Realme 11 Pro+ are

Rapid technological evolution requires security that is resilient, up to date and adaptable. In this article, we will cover the transformation in the field of DFIR (digital forensics and incident response) in the last couple years, focusing on the digital forensics’ aspect and how XDR fits into the picture. Before we dive into the details,

Oppo may introduce a new rollable smartphone to the market in the near future. A patent application from the company has reportedly been spotted on the China National Intellectual Property Administration (CNIPA) website. The company has also launched the Oppo Find N2 Flip and the Oppo Find N2 foldable smartphones in December 2022. Oppo is

Apr 17, 2023Ravie LakshmananSurveillance / Privacy Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company “hasn’t been fully active