New Linux NetFilter Kernel Flaw Let Attackers Gain Root Privileges


A recently found Linux NetFilter kernel vulnerability, identified as CVE-2023-32233, enables unprivileged local users to gain root-level privileges and full control over the affected system. However, the severity of the flaw has not yet been assessed.

The security issue with Netfilter nf_tables results from accepting invalid configuration updates, leading to subsystem state corruption through certain invalid batch requests.

New Linux NetFilter Kernel Flaw

Netfilter, an essential part of the Linux kernel, can be manipulated to create a use-after-free vulnerability, allowing unauthorized access and manipulation of kernel memory.

Security researchers developed and shared a proof-of-concept exploit to demonstrate the exploitation of CVE-2023-32233, a vulnerability affecting multiple Linux kernel versions, including the current stable release, v6.3.1. Exploitation requires local access to a Linux device.

Engineer Pablo Neira Ayuso submitted a Linux kernel source code commit that introduces two functions to handle the lifecycle of anonymous sets in the Netfilter nf_tables subsystem, effectively preventing memory corruption and the potential privilege escalation to the root level by addressing the use-after-free issue.

Researchers Patryk Sondej and Piotr Krysiuk found a security flaw in Linux that enables unprivileged local users to gain root access, sharing their exploit privately with the Linux kernel team along with detailed techniques and source code to aid in developing a fix.

The analysts announced their intention to release the exploit and its detailed techniques, in accordance with the Linux-distros list policy, on May 15th, 2023, within the required 7-day timeframe.

Obtaining root-level access on Linux servers is a valuable tool for hackers, but CVE-2023-32233 requires attackers to first gain local access to the system before exploiting it, which is a mitigating factor.

Apart from this, the fix for the problem is available in the mainline kernel git repository.



Update now! May 2023 Patch Tuesday tackles 3 zero-day vulnerabilities


Microsoft’s Patch Tuesday roundup for May 2023 includes patches for three zero-day vulnerabilities and one critical remote code execution vulnerability.

It’s that time of the month again: We’re looking at May’s Patch Tuesday roundup. Microsoft has released its monthly update, and while the total number of patched vulnerabilities is relatively low at 38, among them are three zero-day vulnerabilities.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. Of the three included in this month’s update cycle, two have been found to be actively exploited and the third has been publicly disclosed.

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The three zero-days are listed as:

  • CVE-2023-29336: a Win32k Elevation of Privilege (EoP) vulnerability. Exploitation of this vulnerability in the Win32k Kernel driver could provide an attacker with SYSTEM privileges. The Cybersecurity & Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
  • CVE-2023-24932: a Secure Boot security feature bypass vulnerability. To exploit the vulnerability, an attacker needs either physical access or administrative rights to a target device to install an affected boot policy. The vulnerability has been used to install the BlackLotus UEFI bootkit, a type of malicious infection which targets the Master Boot Record located on the physical motherboard of the computer. Attaching malicious software in this manner can allow for a malicious program to be executed prior to the loading of the operating system. The primary benefit to a bootkit infection is that it cannot be detected by standard operating system processes because all of the components reside outside of the Windows file system. UEFI and Secure Boot have been very effective in reducing the number of bootkits, but this vulnerability allows an attacker to bypass those restrictions.
  • CVE-2023-29325: a Windows OLE Remote Code Execution (RCE) vulnerability. This vulnerability is present in Microsoft Outlook and Explorer and can be exploited by attackers in order to remotely install malware. Microsoft says this vulnerability can be exploited merely by viewing a specially-crafted email in the Outlook Preview Pane. This type of RCE vulnerability is bound to become very popular among malware peddlers, and knowing that it has been publicly disclosed means that it is available for them to use. Microsoft advises users that can’t install the patch immediately to read email messages in plain text format.

Another vulnerability to keep an eye on is an RCE vulnerability with a CVSS score of 9.8 out of 10. Listed as CVE-2023-24941, this is a Windows Network File System (NFS) RCE vulnerability which can be exploited over the network by making an unauthenticated, specially crafted request. This vulnerability is not exploitable in NFSV2.0 or NFSV3.0. Until you have installed the Windows update that protects against this vulnerability, you can mitigate an attack by disabling NFSV4.1. This could adversely affect your ecosystem and should only be used as a temporary mitigation. More information about how to do this and when not to can be found in the Microsoft advisory about this vulnerability under Mitigation.

Other vendors

Other vendors have synchronized their periodic updates with Microsoft. Here are a few major ones that you may find in your environment.

Apple released an update addressing two actively exploited zero-day flaws.

Cisco released security updates.

Google has released Android updates.

Mozilla released security advisories for Firefox 113 and Firefox ESR 102.11.

SAP released patch day updates.

VMware fixed four vulnerabilities in virtualization software.



Twitter improves messaging, readies voice and video call support


Messaging on Twitter is getting a lot better. The company has announced improved DM replies and more emoji reactions. It is also gearing up to add voice and video call support along with encrypted messaging.

According to a recent tweet from Twitter Support, you can now reply to any message in a conversation. Similar to messaging apps like WhatsApp and Telegram, you can select a message and send a reply specific to it. Twitter currently doesn’t have this ability. You cannot mark your response as a reply to any specific message you receive in DMs. This change makes “conversations smoother and more intuitive,” the company says.

On that note, Twitter DMs now support a lot more emoji reactions as well. “We’ve also added a new Emoji Picker to DMs, allowing you to react to messages with a wider range of emojis than ever before,” Twitter Support said. In a separate tweet, Elon Musk added that you can use any emoji reaction. Currently, you can choose from seven emojis to react to a message, including haha, wow, cry, love, fire, thumbs up, and thumbs down.

Since these features are new to Twitter, they may not always work perfectly. Moreover, availability appears limited to mobile apps. But the company assures that it is already working on improving the new features. It will soon improve the rendering for replies to media messages. Additionally, the social network giant is also preparing to bring these features to the web version of Twitter.

Twitter will add voice and video call support

While Twitter Support didn’t share anything else, the aforementioned tweet from Elon Musk contained more information. Firstly, he announced that Twitter will finally start encrypting messages. “Release of encrypted DMs V1.0 should happen tomorrow. This will grow in sophistication rapidly. The acid test is that I could not see your DMs even if there was a gun to my head,” he said on Tuesday evening.

Additionally, Musk revealed Twitter’s plans to add voice and video call support. The Twitter CEO says you will be able to call anyone on the platform using your handle. You don’t need to share your phone number or know the other person’s phone number. This ability is “coming soon” but we don’t have a timeline. But the wait shouldn’t be much longer. Elon Musk has always wanted to encrypt Twitter DMs and support voice and video calls. He has talked about these features several times in the past. His latest announcement suggests the wait is almost over. Stick around and find out.



MediaTek Dimensity 9200+ official with massive CPU and GPU boost


MediaTek has launched the Dimensity 9200+, its latest flagship chipset for smartphones. It’s an upgraded version of the Dimensity 9200 launched in November last year. The new chip brings a much faster CPU and GPU while keeping most other things unchanged. The first batch of devices powered by the new MediaTek processor will arrive later this month.

MediaTek launches Dimensity 9200+ with much faster CPU and GPU

The Dimensity 9200+ is a 4nm processor with an octa-core CPU setup. It features one ARM Cortex-X3 prime core clocked at 3.35GHz, three Cortex-A715 medium cores clocked at 3.0GHz, and four Cortex-A510 efficiency cores operating at a maximum frequency of 2.0GHz. In comparison, the Dimensity 9200 has its CPU cores clocked at 3.05GHz, 2.85GHz, and 1.80GHz, respectively.

This is a massive CPU frequency boost for a mid-year refresh from MediaTek. In the past, it mostly equipped the “Plus” version with a faster prime CPU core and GPU while keeping most other things unchanged. Speaking of the GPU, the Taiwanese firm didn’t reveal the precise frequency of the ARM Immortalis-G715 MC11 GPU on the Dimensity 9200+. However, it said the new chip brings a 17 percent performance boost. The GPU is clocked at 981MHz on the Dimensity 9200.

According to MediaTek, these CPU and GPU upgrades on the Dimensity 9200+ don’t come at the cost of power efficiency. “Power consumption remains the same versus the Dimensity 9200,” it assured. The new chip doesn’t bring any other notable upgrade, though. Both chipsets are manufactured by TSMC using its second-gen 4nm process node. They share the ISP (Image Signal Processor), cellular modem, connectivity options, AI Processing Unit, display specs, and more.

For a quick recap, the Dimensity 9200 supports up to 320MP cameras with 8K video recording at 30fps (frames per second). It can handle Full HD+ displays with up to 240Hz refresh rate and WQHD displays with up to 144Hz refresh rate. The chip offers both sub-6GHz and mmWave 5G connectivity with multi-mode and carrier aggregation. The Dimensity 9200 also supports the latest RAM and storage standards (LPDDR5X RAM and UFS 4 storage). Last but not least, it boasts Wi-Fi 7 and Bluetooth 5.3. All of this carries over unchanged to the Dimensity 9200+.

The new MediaTek chip will ship inside phones later this month

MediaTek hasn’t named any devices that would be using the Dimensity 9200+. However, it confirmed that the new chipset will ship inside phones as early as this month. There are rumors that Vivo is readying new models in the Vivo X90 series with this chip. The Vivo X90 Pro is currently the only Dimensity 9200-powered phone available globally. You can read our review of the phone for its everyday performance.



Google launches Compose for TV to help developers create better Android TV apps


With over 150 million monthly active Android TV OS devices in use, Google’s ecosystem is the number one streaming platform worldwide by shipments. That’s one of the reasons the Mountain View company continues to provide Android TV users with many improvements in a timely manner.

Last month Google TV added more than 800 free TV channels for its users to watch in one place. Today, Google announced another important initiative that aims to help developers create Android TV apps more easily than ever before.

The alpha version of Compose for TV was officially introduced earlier today at Google I/O. The latest UI framework makes it easier to develop apps for Android TV, so if you’re a developer, here are some of the key features of Compose for TV:
  • Build apps with less code, making the code simple and easier to maintain
  • Intuitively build your UI. Just describe the UI, and Compose will take care of the rest. As the app state changes, the UI automatically updates.
  • Iterate on existing code and adopt the new framework when and where you want
  • Create beautiful apps that can be easily reused between other form factors, including existing mobile, tablet, foldable, wearable and TV interfaces

Besides Compose for TV, Google revealed the new Android TV Design Guidelines. The new guide aims to provide developers with all the tools they need to create TV apps that are visually appealing, intuitive, and immersive. The guidelines have information about everything, including typography, color, navigation, and layout. It should enable developers to create much better TV apps that are easy to use and pleasing to the eyes.


Crucial insights and predictions for MSPs


How MSPs can prepare for the complex landscape of mobile malware.

Whether a company gives them out or they’re owned by the employees or students, mobile devices are like honey for cybercriminals. And the kicker? Most of these devices are not protected enough.

Just check out the following stats from last year:

  • 18 percent of clicked phishing emails in 2022 came from a mobile device. (Verizon Mobile Security Index 2022)
  • 46 percent of organizations that had suffered a mobile-related security breach in 2022 said that app threats were a contributing factor. (Verizon Mobile Security Index 2022)
  • 9 percent of organizations suffered a mobile malware attack in 2022. (Check Point 2023 Cyber Security Report)

For Managed Service Providers (MSPs), these stats represent more than just figures; they underscore the need for proactive action across their customers’ mobile endpoints.

In this post, we’ll delve into mobile malware trends, gather critical insights, and anticipate future scenarios to prepare MSPs for the complex landscape of mobile malware.

Mobile devices: A new security frontier for MSPs

Understanding Android Droppers: A serious threat to mobile devices

In terms of malware, the most menacing of mobile threats MSPs need to watch out for are Android droppers.

“Mobile Droppers represent the most ‘Trojan’ of all the Trojan Horses,” said Nathan Collier, Senior Malware Intelligence Analyst at Malwarebytes. “Pretending to be an innocent app, like an app you have to pay for on Google Play found free on a third-party app store, tricks the user to allow [the malicious dropper] to enter onto their mobile device.”

Once installed, droppers secretly drop another piece of malware, often more vicious than the dropper itself. This could be any other type of malware, such as HiddenAds or Adware to generate money by ads-per-click. Even scarier, it could be a backdoor or a nefarious piece of spyware.

“Droppers can install copies of themselves, and because they can be used to drop software that downloads other malware, they can act as a permanent backdoor into a smartphone.”

According to our 2023 State of Malware Report, droppers accounted for 14 percent of Android detections.

Examples of recent Android malware

iOS isn’t off the hook

While it’s generally harder for malware to get a foothold on iOS, phishing attacks are still a threat. These scams trick users into visiting malicious websites that masquerade as legitimate ones, usually with the promise of a prize or with a request that users install a bogus security app.

“Another trick is a fake ‘You’re infected’ phishing site to install a fake security app,” Collier said. “Although the app you install, often from the Apple store, may be safe, the scammers still get paid-per-click for redirecting to the app.”

The number of phishing sites targeting mobile has shot up by 50 percent from 2019 to 2021. These scams come in all shapes and sizes, like email, banking, and SMS-based (smishing) threats. Some even try to con users into giving up legit two-factor authentication codes.

These scammers often pretend to be big-name companies like Apple, PayPal, or Amazon, making their scams harder to spot.

Predicting the future of mobile malware

Each year, we’re seeing more and more mobile malware, and there’s little evidence that trend will stop.

“Year over year, we have seen an increase of mobile malware since its induction,” said Collier. “As the use of mobile devices increases, so does mobile malware. This is a trend that will continue for the unforeseeable future.”

As an MSP, you need to stay one step ahead of mobile malware to help keep your clients safe. Collier is predicting an uptick in malware and potentially unwanted programs (PUPs) targeting the financial sector.

“This includes fake banking apps to steal online banking credentials, and fake credit loan apps to trick users into entering highly personal information as you would for a loan application,” Collier said. “More specifically, Android/Trojan.Bankbot and Android/PUP.Riskware.FakeCreditLoan.”

Understanding mobile malware trends and being proactive in defending against them is key, but what options are available for comprehensive combined endpoint protection?

Mobile Device Management (MDM) isn’t the solution

A common misconception that we hear when we talk about mobile endpoint security is that MDM is the solution to all of our mobile malware and phishing woes.

It’s not.

Mobile device management services only secure use of corporate data, but are not designed to counter threats such as malware and phishing on iOS and Android devices.

MSPs should look beyond MDM platforms and toward mobile security products that use a variety of techniques, including behavioral analysis, to detect mobile threats. Some features of a robust mobile threat defense product include:

  • 24/7 real-time protection against emerging threats
  • Advanced antivirus, anti-malware, anti-spyware capabilities
  • Malicious app protection
  • App privacy audit
  • Safe web browsing
  • Block ads and ad trackers
  • Filters suspicious fraudulent texts
  • Spam call blocking

Malwarebytes makes mobile device security easy

With Malwarebytes Mobile Security for MSPs, you can monitor and protect your clients’ mobile investments from a single pane of glass.

In OneView, our cloud-hosted security platform made for MSPs, all you have to do to get started is activate the endpoint agent for your clients’ mobile devices.

From there, you set how your mobile endpoints behave by adding a new policy and selecting Web protection and Ad block for iOS and Behavior protection for ChromeOS and Android.

Once you save this policy, you’re set!

MSPs can easily begin protecting Chromebooks, Android, iPadOS, and iOS devices, guarding against the latest mobile threats such as ransomware, malicious apps, and PUPs.

With real-time protection, your customers can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for their employees.

The Malwarebytes Mobile Security app on iOS (left) and Android (right)

The statistics don’t lie—phishing and malware pose a big threat to mobile endpoint security in 2023. But with a mobile threat defense solution like Malwarebytes Mobile Security, MSPs can crush threats like these and more. Get a free trial and/or quote below!


Google used AI to make a hands-free gaming mouse


Google has been doing some pretty cool things with AI, but one of the coolest applications of the technology has to be the newly revealed Project Gameface, a hands-free AI-powered gaming mouse that the company announced at Google I/O 2023.

With the help of a webcam, one could use Project Gameface to play PC games that would normally require a mouse for movement, thanks to the AI tech. It works by utilizing the webcam to scan the face and look for head movements and facial gestures. Those movements and gestures then translate to in-game movements of one’s character.

The controls are rather robust and intuitive too. The Gameface software allows you to set up key and mouse bindings for pretty much everything. Opening your mouth, for instance, could be set to the mouse’s left click, though there are all kinds of other movement or gesture options as well, including smiling, looking left, or raising your left eyebrow. You can even set how prominent those movements or gestures would need to be to relay the input, which should help the software be more adaptable to the needs of different users.

Project Gameface uses Google’s open-source MediaPipe solution, which links together different AI models to give you an output. The output is “a mesh of 468 points on your face that are then converted into telemetry like mouse movement or clicks,” Google’s Lead AI Advocate Laurence Moroney says.

Moroney states that it runs natively on devices and “one of the most amazing things about the technology is that only needs an input from a webcam.”

Project Gameface is co-designed with game streamer Lance Carr

You might be wondering who Lance Carr is. Well, let us introduce you. Lance Carr is a game streamer who lives with muscular dystrophy. If you’re familiar at all with the disease, then you know it weakens your muscles and can make it more challenging to do almost everything, including gaming. This is where Google comes in. Lance’s house burned down back in 2021 while he was on stream playing Diablo II, along with all his expensive equipment, including the adaptive head-tracking mouse that allowed him to play games.

Google caught wind of the story and reached out to Lance. Work soon began between Google and Lance to co-design Project Gameface. Lance’s hope is that this technology can be given to everybody who could use it to make their lives easier.

Google has made the code for the technology open-source as well, and it’s even available in a preview from today for those who want to check it out over at Google’s GitHub repository.



Google abolishes the Bard waitlist


Google I/O is going on right now, and there’s already been a lot of neat stuff announced. One of the main points of interest was AI, and a lot of this conversation was around Bard. Now, according to the company, Google is getting rid of the Bard waitlist.

If you want to know more about what Google announced at Google I/O, you can check out Android Headlines. For example, Google announced the upcoming Magic Editor feature. This will use AI to make edits to photos that would usually take powerful photo editing software. You can read more about it here.

Google is getting rid of the Bard waitlist

Up until this point, Google limited the number of people who could access Bard. As time went on, more people did gain access to the chatbot. However, it was still limited.

Now, thanks to a Google blog post, that is no longer the case. The company announced that it will be getting rid of the waitlist for Google Bard. This means that just about anyone will be able to use the chatbot. This should be a breath of fresh air for people who have been waiting to use Google Bard. A large number of people have been able to gain access so far, so we will see that number increase.

Google Bard has definitely made some improvements since its first launch, but it is still in the testing stage. So, making it available to the public will give Google access to more feedback.

Google is also expanding the languages that Bard can access. In a tweet, Google said that Bard is available in both Japanese and Korean. The company plans to release Bard in over 40 languages this year. This further increases the amount of feedback that Google could get on its chatbot.

We are going to be seeing Bard integrated into more of Google’s services as time goes on.



Immersive 3D View will soon be available for your Google Maps directions


At today’s I/O 2023 event, Google unveiled a range of updates for Google Maps that aim to make navigation and exploration easier and more convenient for users. One of the most significant updates is the new “Immersive View” feature, which will now be available for map routes.

“Immersive View” was introduced at last year’s Google I/O and it provided a 3D-like view of key places and landmarks. However, this year, Google is taking this technology one step further and making it available for entire routes.

It uses computer vision and AI to combine billions of Street View and aerial images into a detailed digital picture that will allow you to see everything you need to know about your route at once. This technology displays all route data at once, such as bike lanes, sidewalks, crossroads, and parking while getting directions. There is also a time slider that shows you how air quality and traffic may change throughout the day.

This experience will launch in the summer in the U.S. and will be expanding to fifteen cities by the end of the year. Some of the cities that will benefit from this will be Amsterdam, Berlin, Dublin, Florence, Las Vegas, London, Los Angeles, New York, Miami, Paris, Seattle, San Francisco, San Jose, Tokyo, and Venice.

Additionally, Google is making this experience available to developers that may want to build this into their own apps by launching a new Aerial View API, which is available starting today. Google is also launching an experimental release of Photorealistic 3D tiles via its Maps API. These tiles use the same 3D map source as Google Earth and output a 3D mesh model of real-world images textured with high-resolution imagery.


These updates represent a significant step forward for Google Maps and demonstrate the company’s ongoing commitment to making navigation and exploration as easy and convenient as possible.



13 Domains Linked to DDoS-For-Hire Services Seized


A DDoS-for-hire service is a paid service that allows individuals or organizations to launch a Distributed Denial of Service (DDoS) attack on a target website or network.

The US Department of Justice (DOJ) has announced the seizure of 13 domains linked with Distributed Denial of Service (DDoS) for hire services under Operation PowerOFF.

The seized domains are believed to be reincarnations of services that were taken down in a previous sweep in December 2022. The DOJ stated that booter services have been utilized by hundreds of thousands of registered users to carry out attacks against millions of victims, many of whom are educational institutions, financial organizations, government websites, and other online entities.

The DDoS attacks not only disrupt or degrade their access to the internet but can also cause disconnection of internet services for other customers who share the same connection point with the targeted victim and use the same internet service provider.


The FBI opened or reactivated accounts on each of the booter services and paid for subscription plans using cryptocurrency. The agency then conducted tests on the websites by initiating DDoS attacks on computers under their control and monitored the effects of the attacks on victim computers.

The results showed that the websites worked as advertised. The coordinated effort is reinforced by law enforcement agencies from The Netherlands, United Kingdom, Serbia, Croatia, Spain, Italy, Germany, Australia, Hong Kong, Canada and the United States of America, in cooperation with Europol.

The DOJ’s Operation PowerOFF is an international effort to dismantle criminal DDoS-for-hire infrastructures worldwide, targeting operators who continue to engage in criminal activities.

The four men who pleaded guilty to federal charges related to the operation of booter services are Jeremiah Sam Evans Miller, Angel Manuel Colon Jr., Shamar Shattock, and Cory Anthony Palmer. The FBI’s Anchorage and Los Angeles field offices are investigating the cases of all four defendants who are set to be sentenced this summer.

The seizure of 13 internet domains linked with DDoS for hire services is a significant step in the fight against cybercrime. The DOJ’s efforts to disrupt these illegal services and hold their operators and users accountable demonstrate the commitment of law enforcement officials to protecting victims and preserving the integrity of the internet.

Operation PowerOFF is an ongoing effort by law enforcement agencies from multiple countries to dismantle criminal DDoS-for-hire infrastructures worldwide. The UK’s National Crime Agency (NCA) also recently launched a sting operation as part of Operation PowerOFF, which aims to take down DDoS infrastructure.
