Technology

Mar 02, 2023Ravie LakshmananData Security / Cryptojacking Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. “Underpinning this campaign was the use of transfer[.]sh,” Cado Security said in a report shared with The Hacker News. “It’s possible

Xiaomi Mix Fold 3 could be reportedly launched later this year as the successor to the Chinese smartphone manufacturer’s last foldable phone — the Xiaomi Mix Fold 2 — which was launched in August 2022. According to a latest tip, Xiaomi’s next foldable smartphone could allegedly be made available sometime in the second half of 2023.

Mar 03, 2023Ravie LakshmananEndpoint Security / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. “After gaining access to victims’ networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting

Nubia Z50 Ultra will be unveiled in China on March 7 by the ZTE-owned smartphone brand. Ahead of the formal debut, the handset has been allegedly spotted on the Geekbench benchmarking website, hinting at its key specifications. The upcoming Nubia Z50 Ultra has appeared with model number Nubia NX712J. It could run on Android 13

Mar 04, 2023Ravie LakshmananBanking Security / Cyber Crime A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023. “The ATM malware is hidden inside another not-malicious-looking program,” Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News. Besides requiring interaction via

Motorola Moto G Stylus (2023) has reportedly been spotted on Geekbench listing and may soon make its debut. It will be launched as the latest smartphone from the company which gets stylus support. The benchmark listing hints that the Moto G Stylus (2023) could run on Android 13. It has been mentioned to get 3.56GB

Mar 04, 2023The Hacker NewsSaaS Security / Cyber Security This past January, a SaaS Security Posture Management (SSPM) company named Wing Security (Wing) made waves with the launch of its free SaaS-Shadow IT discovery solution. Cloud-based companies were invited to gain insight into their employees’ SaaS usage through a completely free, self-service product that operates

Realme GT Neo 5 was launched on February 9 this year. The smartphone, which debuted as a successor to the Realme GT Neo 3, was released with 240W fast charging support, which the company claims is the fastest smartphone charger in the world. A lite version of the handset with lowered specifications was previously tipped

Mar 03, 2023Ravie LakshmananThreat Intelligence / Cyber Attack The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023. “Unlike most of the group’s malware, MQsTTang doesn’t seem to be based on existing families or publicly available

Samsung Galaxy A32 5G smartphone was launched by the South Korean conglomerate in January 2021, as the company’s most affordable smartphone offering of its time. The budget-friendly A-series smartphone from Samsung launched featuring a 5,000mAh battery with support for 15W fast charging. However, a user has reportedly modded the standard Samsung Galaxy A32 5G with

Mar 03, 2023Ravie LakshmananEnterprise Security / IoT A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could potentially lead to information disclosure or privilege escalation. One of the vulnerabilities, CVE-2023-1017, concerns an out-of-bounds write, while the other, CVE-2023-1018, is described as an out-of-bounds read.

Xiaomi Watch S1 Pro was launched a few days back. The company is now reportedly working on a new smartwatch that will run on Google Wear OS 3. As of now, Xiaomi has been using MIUI Watch OS for all its smartwatches and hence, they lack some of the exclusive features offered by Google apps

Mar 02, 2023Ravie LakshmananContainer Security / Cyber Threat A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. “The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials,” Sysdig said in

Apple has increased the battery replacement cost for iPhone 13 or older models by $20 (roughly Rs. 1,650) effective from March 1. This means battery replacement for all phones in the iPhone 13, iPhone 12, iPhone 11, and iPhone X lineups will now cost as much as $89 (roughly Rs. 7,300). Earlier it was priced

Mar 02, 2023Ravie LakshmananLinux / Cyber Threat The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed

Qualcomm launched Snapdragon 8 Gen 2 SoC in November last year. Now, the California-based chip maker in association with Thales has announced the first commercially deployable iSIM (integrate SIM) functionality on the Snapdragon 8 Gen 2 chipset at MWC 2023. The iSIM solution will integrate SIM functionality directly into a smartphone’s processor and allows devices

Mar 01, 2023Ravie LakshmananThreat Intelligence / Malware Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader, active since late 2020, is a first-stage downloader that’s capable of delivering a wide range of secondary payloads such as Cobalt

The Redmi Note 12 4G is expected to be released in India and other global markets soon. It was previously spotted on the IMEI website, implying an imminent launch. Previous rumours suggested that the device would be a rebranded version of the Redmi Note 10 Pro. The launch of the Redmi Note 12 Pro 4G

Mar 01, 2023Ravie LakshmananEndpoint Security / Cyber Threat A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape. “This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot