The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a variant of malware called PlugX added a feature to infect USB drives automatically. This allowed the malware to spread to new machines without needing any user interaction. Sekoia, a European …
ALERT: SEKOIA REPORT
WhatsApp warns India to exit, If…
According to reports by several Indian media outlets, social media platform Meta will withdraw its entire service from India if it is forced to break encryption. This is what WhatsApp has claimed in the hearing of a case in the Delhi High Court. This was claimed by WhatsApp in the …
Palo Alto Releases Urgent Fixes for PAN-OS Vulnerability
Palo Alto Networks released hotfixes to fix a serious security flaw in PAN-OS software that is being actively exploited. The CVE-2024-3400 vulnerability has a critical CVSS score of 10.0. It is a command injection flaw in the GlobalProtect feature that allows an unauthenticated attacker to run any code with root privileges on …
Apple alerts 92 nations to mercenary spyware attacks
Apple warned users in 91 other countries about a possible “mercenary spyware attack”. Apple notified Reuters that the company found evidence of attackers attempting to remotely compromise iPhones. Mercenary spyware attacks are rare but much more sophisticated than regular cybercriminal activity or malware, as stated in the email. Apple also …
Over 7.5 million “boAt” users' personal information leaked
Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …
“Technical glitch” in BTCL server, users facing problems
Mir Mohammad Morshed, GM of PR and Marketing at BTCL, said, “Due to a technical glitch, .bd domain users faced problems while browsing. We are working on it; it will be OK soon.” The .bd domain server and two other domain servers controlled by Bangladesh Telecommunication Company Limited (BTCL) recently had an error. This …
CISA AND RED HAT WARN
Malicious backdoor code embedded in popular Linux tool
Red Hat and the US cybersecurity agency CISA issued a warning on Good Friday about harmful code found in a widely used Linux tool. CVE-2024-3094 is a security vulnerability in XZ Utils, a compression tool widely used in Linux distributions. Red Hat issued an advisory about the problem on Friday …
ChatGPT is down worldwide: OpenAI fixed issues
Many users around the world are experiencing issues with OpenAI’s ChatGPT, such as not being able to log in, missing chat histories, and chat screens that won’t load correctly. Sometimes when you open ChatGPT, you might get a blank screen that just says “How can I help you today?” without …
“Tycoon 2FA”: MFA-bypassing phishing kit targets Microsoft 365
In October 2023, Sekoia analysts discovered a new Adversary-in-The-Middle (AiTM) phishing kit used by several hackers for widespread attacks. This kit is linked to the Tycoon 2FA Phishing-as-a-Service (PhaaS) platform, active since at least August 2023. The Sekoia Threat Detection & Research (TDR) team analyzed the Tycoon 2FA PhaaS kit …
Microsoft to limit access to 50 cloud services for Russia: TASS
Microsoft will restrict access to 50 of its cloud products in Russia, as reported by the Russian company Softline. The restrictions will also affect local software, with the deactivation of license keys. Russian media outlet TASS reported that the list primarily includes corporate applications such as those for business management, accounting, automation, …