Cybersecurity

A newly discovered Linux malware dubbed 'DISGOMOJI' uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India.

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices.

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

Nice article.

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware.

A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web Apps (PWAs) that display convincing corporate login forms to steal credentials.

Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.

Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day.

The vulnerability is particularly hazardous as it affects Outlook’s Preview Pane once an email has been opened.

The flaw was patched in March, and at the time Microsoft stated there was no evidence of its exploitation in the wild.

A hacker has gained access to internal tools used by the location tracking company Tile, including one that processes location data requests for law enforcement, and stolen a large amount of customer data, such as their names, physical addresses, email addresses, and phone numbers, 404 Media reports. From the report:

The stolen data itself does not include the location of Tile devices, which are small pieces of hardware users attach to their keys or other items to monitor remotely. But it is still a significant breach that shows how tools intended for internal use by company workers can be accessed and then leveraged by hackers to collect sensitive data en masse. It also shows that this type of company, one which tracks peoples' locations, can become a target for hackers. "Basically I had access to everything," the hacker told 404 Media in an online chat. The hacker says they also demanded payment from Tile but did not receive a response.

Tile sells various tracking devices which can be located through Tile's accompanying app. Life360, another location data focused company, acquired Tile in November 2021. The hacker says they obtained login credentials for a Tile system that they believe belonged to a former Tile employee. One tool specifically says it can be used to "initiate data access, location, or law enforcement requests." Users can then lookup Tile customers by their phone number or another identifier, according to a screenshot of the tool.

Abstract credit: https://slashdot.org/story/429499

Starting from 2030, Mastercard will no longer require Europeans to enter their card numbers manually when checking out online -- no matter what platform or device they're using. Mastercard will announce Tuesday in a fireside chat with CNBC that, by 2030, all cards it issues on its network in Europe will be tokenized. In other words, instead of the 16-digit card number we're all accustomed to using for transactions, this will be replaced with a randomly generated "token."

The firm says it's been working with banks, fintechs, merchants and other partners to phase out manual card entry for e-commerce by 2030 in Europe, in favor of a one-click button across all online platforms. This will ensure that consumers' cards are secure against fraud attempts, Mastercard says. Users won't have to keep entering passwords every time they try to make a payment, as Mastercard is introducing passkeys that replace passwords.

AWS account holders can now use FIDO2 passkeys as an authentication method.

The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known."