Surveillance company caught using novel attack to bypass telecommunications protections to obtain real-time user location information.

A surveillance company has recently been observed using a novel attack technique to bypass the protections of the Signaling System 7 (SS7) protocol—the global communications protocol that allows mobile networks to connect calls, route SMS messages, and provide roaming service. This new method enables attackers to trick telecommunications operators into divulging the real-time locations of mobile users, sometimes down to a few hundred meters, by finding out which cell tower a phone is attached to.

New Android spyware variants of DCHSpy tied to Iran’s Intelligence Agency.

Security researchers have discovered four new variants of Android spyware, collectively known as DCHSpy, that have been directly linked to Iran’s Ministry of Intelligence and Security (MOIS). These findings, surfacing in the wake of heightened regional tensions following Israeli strikes on Iranian sites, underscore the ongoing evolution and sophistication of Iranian cyber-espionage operations.

A Sweeping Cryptojacking Campaign: 3,500 Websites Compromised with Stealth JavaScript and WebSocket-Based Miners.

A sophisticated, large-scale cryptojacking campaign has compromised over 3,500 websites globally through the injection of stealthy JavaScript-based cryptocurrency miners. This resurgence of browser-based mining echoes the earlier era of CoinHive, but with marked advancements in stealth and persistence techniques. Security researchers from c/side have closely analyzed the campaign and warned of the broad, multi-pronged threats posed by these attackers.

Microsoft SharePoint zero-day exploited in remote code execution attacks around the world.

Categorized as a remote code execution (RCE) flaw, this vulnerability is currently being exploited on a large scale, allowing attackers to take complete control of exposed on-premises SharePoint servers. As government agencies, educational institutions, the energy sector, and major enterprises scramble to secure their infrastructure, understanding the mechanics, impact, and mitigations for this attack has become paramount.