The newly discovered Linux malware, DISGOMOJI, has been attributed to a Pakistan-based threat actor known as UTA0137. It is written in Golang and compiled for Linux systems. Volexity assesses with high confidence that UTA0137 has espionage-related objectives and a remit to target government entities in India. Based on Volexitys analysis, UTA0137s campaigns appear to have been successful. Volexity also uncovered that UTA0137 used DirtyPipe (CVE-2022-0847) privilege escalation exploits against vulnerable BOSS 9 systems....

The attack locked the pathology services provider out of its systems until Sunday, June 9. In the meantime, we would urge patients to attend for their appointments as planned unless they are contacted. This will ensure that the trust can continue to provide services to its own patients while supporting others. source: www.techworm.net

There are indications that CVE-2024-32896 may be under limited, targeted exploitation, the companywarnedthis Tuesday. All supported Google devices will receive an update to the 2024-06-05 patch level. We encourage all customers to accept these updates to their devices. If you have a Google Pixel gadget, it is recommended that you apply the security update now. Then, tap on Install and restart the rig to complete the update process. Check out the security bulletinhereto learn more about the June 2024 updates for Google Pixel devices....

Apparently, the threat actors were already aware of this vulnerability two months prior to Fortinet disclosing the vulnerability. During this so-called zero-day period, the actor infected 14,000 devices alone. This gave the state actor permanent access to the systems. It is currently unknown how many victims have actually installed the malware. We will not allow any country or individual using Chinese infrastructure to engage in such illegal activities. source: www.techworm.net

Lets have a look at some of the highlighted features in macOS Sequoia. It also works great with StandBy, which stays visible, so users can get information at a glance. Passwords seamlessly sync between a users Apple devices and Windows with the iCloud for Windows app. Gaming A star-studded line-up of new games will be coming to the Mac platform in the coming months. The impressive line-up will use new features like Personalised Spatial Audio to provide a more immersive gaming experience....

After waiting almost two years since the AI revolution, Apple finally announced Apple Intelligence. Its a personal AI service integrated into iPhone, iPad and Mac. Apple made the announcement during the WWDC 2024 keynote on June 10th, 2024. The keynote also witnessed the announcement of iOS 18, iPadOS 18 and macOS Sequoia. Apple intelligence is heavily integrated with all these devices and will be available on Apple Silicon devices. All these features will be available on iPhone, iPad, and Mac in Fall 2024....

After downloading the source code, the researchers added their own code and copied all the marketing resources. The team was able to publish their harmful extension within just 30 minutes. The researchers chose not to disclose the names of the affected companies. 2,304are using another publishers GitHub repo as their official listed repository, suggesting copycat extensions. This issue poses a direct threat to organizations and deserves the security communitys attention, the researchers warned....

In recent years, the popularity of sharing images and videos has skyrocketed. For instance, in 2023,the Huffington Postreported that a staggering 92 million selfies are taken every day. After all, images and videos are beautiful ways of expressing our true, creative selves. One way of achieving this is to use a photo editing app. According toStatista, 40% of smartphone owners use a photo-editing app, so why not join the club?...

Apple is reportedly planning to launch a new standalone Passwords app that aims to simplify for users to sign on to websites and software. A new report fromBloombergs Mark Gurman, who cited people who asked to remain anonymous, stated the new homegrown app called Passwords will generate passwords and keep track of them. It will generate and store passwords similar to popular third-party password manager apps such as 1Password, LastPass, and Proton Pass, which offer password management functionalities....

Users will be required to access using some form of biometric authentication, such as fingerprint or facial recognition. These features use advanced AI methods to help prevent malware from accessing data like Recall. The updates will take effect before Recall (preview) ships to customers on June 18. source: www.techworm.net

Developers have been using PHP on Windows Servers for decades. Judging by its popularity, PHP is considered secure to run on a Windows Server or other infrastructure. This vulnerability is currently tracked as CVE-2024-4577 and is described as a CGI argument injection vulnerability. Within 24 hours of public exposure to this vulnerability, several attacks were made against PHP servers in Egypt. More importantly, the CVE-2024-4577 vulnerability can affect all versions of PHP installed on Windows....

The federal agency is urging potential victims tocontact the Bureaus Internet Crime Complaint Center (IC3). In its keynote, Vorndran blamed the growth of Lockbit on its creator, Dimitri Khoroshev. LockBit was set up by a Russian coder named Dmitry Khoroshev. He maintains the image of a shadowy hacker, using online aliases like Putinkrab, Nerowolfe, and LockBitsupp. We will not go easy on him, added Vorndran. source: www.techworm.net

We have taken measures to stop this attack and prevent it from happening in the future. According to TikTok, the cyberattack had taken place through the apps direct messaging feature. source: www.techworm.net