You might be interested in …

[SecurityWeek] Cyberespionage Implant Delivered via Targeted Government DNS Hijacking

All posts, Security Week

Threat hunters at Kaspersky have intercepted a new cyberespionage implant being delivered via targeted DNS hijacking of government zones in Eastern Europe and published a new report Wednesday with clues linking the malware to the SolarWinds attackers. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects

All posts, HackerNews

A high-severity code injection vulnerability has been disclosed in 23andMe’s Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution. Particularly, the  […]

Read More

[SecurityWeek] Android Banking Trojan ‘Vultur’ Abusing Accessibility Services

All posts, Security Week

A newly discovered Android banking Trojan relies on screen recording and keylogging instead of HTML overlays for the capturing of login credentials, according to security researchers at ThreatFabric. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.