Google Unveils Major Update to Authenticator App with Cloud Sync Option. In a major update to its Authenticator app, Google has added an account synchronisation option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. The update, which also brings a new icon to the two-factor authenticator (2FA) app, finally brings it in line with Apple's iCloud Keychain and addresses a...
Read More
Google's Cloud Platform was found to have a vulnerability that could allow attackers to plant applications in a victim's account, potentially compromising it permanently and without detection. The flaw, known as GhostToken, was discovered by Israeli security firm Astrix, which alerted Google to the zero-day vulnerability in July 2022. An attacker who successfully compromised a victim's account could read their Gmail, access their files and photos,...
Read More
Russian APT28 hackers, also known as Fancy Bear and other aliases, have been targeting unpatched Cisco routers in a malware operation since 2021. The UK National Cyber Security Centre (NCSC) and the US' National Security Agency, Cybersecurity and Infrastructure Security Agency, and the FBI issued a joint advisory outlining the APT28 exploitation tactics. The attackers exploited CVE-2017-6742, a bug in the Simple Network Management Protocol (SNMP)...
Read More
A new malware loader has been discovered by security researchers that is being used as part of the infection chain for the Aurora information stealer. The loader is successful at avoiding detection by security solutions due to its anti-virtual-machine (VM) and unusual compilation techniques. The Aurora infostealer is a modular malware-as-a-service platform that can be used as a downloader to deploy additional payloads as well as...
Read More
Polish government officials have issued a warning that a cyberespionage group, believed to be linked to Russia's intelligence services, is targeting diplomatic and foreign ministries from NATO and EU member states. The group, known as APT29, Cozy Bear, and NOBELIUM, is believed to be part of Russia's Foreign Intelligence Service (SVR). This group was responsible for the 2020 supply chain attack against software company SolarWinds, which...
Read More
The US Cybersecurity and Infrastructure Security Agency (CISA) has released seven advisories this week about vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from various vendors. These advisories cover critical flaws, two of which have public exploits. The affected products include ScadaFlex II controllers made by Industrial Control Links, Screen Creator Advance 2 and Kostac PLC programming software from JTEKT...
Read More