Cyber Bites

CyCognito Inc today announced its research team has uncovered a significant Cross-Site Scripting (XSS) vulnerability on the web admin interface of Cisco small business router models RV042 and RV042G. Cisco routers are popular around the world, and the company has approximately 50% market share in the router and switch market globally. This vulnerability gives attackers an easy path for taking control of a router administrator’s web configuration utility, a position that allows them to perform...

Zoom has been on an epic security journey since the coronavirus pandemic began. As the video conferencing app’s users surged to hundreds of millions within weeks, security issues and vulnerabilities left trust in Zoom at an all-time low. But Zoom quickly responded to criticism of its security with a 90 day plan outlined on April 1, which detailed ambitions to make its service safer for millions of users. Now that three months is up, Zoom...

TikTok’s rising alternative, Chingari, has been doing the rounds on social media crossing several million downloads in the last few days. However, a new report indicates that the website of the company behind the app has malicious content pinned to its webpages. Robert Baptiste, a security researcher going by the twitter name Elliot Anderson said that the website of Globussoft, the company under which the Chingari app was incubated, has been compromised. He included a report...

Dozens of US newspaper websites owned by the same company were hacked by the Evil Corp gang to infect the employees of over 30 major US private firms. The cybercriminal outfit lured users with fake software update alerts displayed by the malicious SocGholish JavaScript-based framework. After downloads were made, the employees' computers were the used as a stepping point into their companies' enterprise networks as part of what looks like a series of targeted drive-by...

A new info-stealer and data wiper malware called EvilQuest uses ransomware as a cover to steal files from macOS users. The victims get infected after downloading trojanized installers of popular apps from torrent trackers. EvilQuest was first spotted by K7 Lab malware researcher Dinesh Devadoss and analysed by Malwarebytes' Director of Mac & Mobile Thomas Reed, Jamf Principal Security Researcher Patrick Wardle, and BleepingComputer's Lawrence Abrams. Source: BleepingComputer

Xerox Corporation is the latest victim of the Maze ransomware operators. Hackers have encrypted its files and threatened to release them. Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show that a Xerox domain has been encrypted. One screenshot shows that hosts on “eu.xerox.net,” managed by Xerox Corporation, were hacked....

The Cybereason Nocturnus team is investigating a new campaign involving FakeSpy, an Android mobile malware that emerged around October 2017. FakeSpy is an information stealer used to steal SMS messages, send SMS messages, steal financial data, read account information and contact lists, steal application data, and do much more. FakeSpy first targeted South Korean and Japanese speakers. However, it has begun to target users all around the world, especially users in countries like China, Taiwan,...

One of Hong Kong’s most prominent pro-democracy activists, has disbanded his party after China’s top legislative body passed a national security law for the territory. Tam Yiu-chung, a member of China’s rubber-stamp legislature, said full details of the law would only be released once the meeting closed on Tuesday. But in a sign that the law is already having a chilling effect on local politics, the pro-democracy opposition party headed by Joshua Wong, Demosisto, announced...

Bitdefender researchers identified the APT group StrongPity  targeting victims in Syria and Turkey. They used watering hole tactics to selectively infect victims and deploying a three-tier C&C infrastructure to thwart forensic investigations, the APT group leveraged Trojanized popular tools, such as archivers, file recovery applications, remote connections applications, utilities, and even security software, to cover a wide range of options that targeted victims might be seeking. The data gathered while investigating this group suggests the...

On Monday, India banned 59 Chinese mobile apps, including TikTok and WeChat, over national security and privacy concerns - two weeks after a deadly Himalayan border clash between the nuclear-armed neighbours. Relations between the world's two most populous nations have been strained following the deaths of 20 Indian troops in hand-to-hand fighting with their Chinese counterparts on the western end of the high-altitude, contested border in mid-June.   Source: Security Week