Kaspersky is alerting SOC teams to a new malware framework it has discovered and linked to the notorious North Korean hacking group known as Lazarus. Dubbed “MATA,” the framework has apparently been in use since around April 2018, mainly to aid in attacks designed to steal customer databases and distribute ransomware. Since that time it appears to have been deployed in a wide variety of scenarios, targeting e-commerce firms, software developers and ISPs across Poland, Germany, Turkey, Korea, Japan and India. The framework itself gives its controllers the flexibility to target Windows, Linux and macOS, and consists of several components, including a loader, an orchestrator and plugins.
In a report shared with The Hacker News, researchers at cybersecurity firm CheckPoint today disclosed details of a minor but easy-to-exploit flaw they reported in Zoom, the highly popular and widely used video conferencing software. The latest Zoom flaw could have allowed attackers to mimic an organization, tricking its employees or business partners into revealing personal or other confidential information using social engineering tricks.
Vodafone Business is joining forces with professional services company Accenture to help European businesses bring their cybersecurity up-to-date. The strategic partnership was formed with the mission to give national corporate customers and small to medium enterprises (SME) in Europe access to world-class security services in the form of simple, prefabricated packages. Each package will be specifically designed by a trusted provider to meet the needs of the client. In a statement released today, Vodafone described the new agreement with Accenture as “a key step forward in Vodafone Business’ strategy to offer enterprise-grade cybersecurity to businesses of all sizes.”
Fifteen out of 28 desktop PDF viewer applications are vulnerable to a new attack that lets malicious threat actors modify the content of digitally signed PDF documents. The list of vulnerable applications includes Adobe Acrobat Pro, Adobe Acrobat Reader, Perfect PDF, Foxit Reader, PDFelement, and others, according to new research published this week by academics from the Ruhr-University Bochum in Germany.
The U.S. Department of Justice (DoJ) yesterday revealed charges against two Chinese nationals for their alleged involvement in a decade-long hacking spree targeting dissidents, government agencies, and hundreds of organizations in as many as 11 countries. The 11-count indictment, which was unsealed on Tuesday, alleges LI Xiaoyu (李啸宇) and DONG Jiazhi (董家志) stole terabytes of sensitive data, including from companies developing COVID-19 vaccines, testing technology, and treatments, while operating both for private financial gain and on behalf of China’s Ministry of State Security.
Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps—a total of 337 non-financial Android applications on its target list.
The trojan was dubbed “BlackRock” by ThreatFabric researchers, who discovered it in May. Its source code is derived from a leaked version of Xerxes banking malware, which itself is a strain of the LokiBot Android banking trojan that was first observed during 2016-2017.