Threat Roundup for June 21 to June 28

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 21 and June 28. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Source: Threat Roundup for June 21 to June 28

Cellebrite Claims It Can Unlock Any iPhone

The digital forensics company Cellebrite now claims it can unlock any iPhone. I dithered before blogging this, not wanting to give the company more publicity. But I decided that everyone who wants to know already knows, and that Apple already knows.

Source: Cellebrite Claims It Can Unlock Any iPhone

Fake jquery campaign leads to malvertising and ad fraud schemes

Recently we became aware of new domains used by an old malware campaign known as ‘fake jquery’, previously documented by web security firm Sucuri. Thousands of compromised websites are injected with a reference to an external JavaScript called jquery.js.

Source: Fake jquery campaign leads to malvertising and ad fraud schemes

While we were raging about Putin’s meddling and Kremlin hackers, Five Eyes were pwning Yandex, Russia’s Google

… Are … are we the baddies? Hackers from the Five Eyes intelligence agencies have been accused of breaking into systems at Yandex, dubbed Russia’s Google.…

Source: While we were raging about Putin’s meddling and Kremlin hackers, Five Eyes were pwning Yandex, Russia’s Google

Chrome OS 75 Adds More Mitigations for Intel MDS Flaws

Chrome OS version 75, which Google released on Wednesday in the stable channel, adds more mitigations for recently disclosed Microarchitectural Data Sampling (MDS) vulnerabilities affecting most Intel processors made in the last decade.

Source: Chrome OS 75 Adds More Mitigations for Intel MDS Flaws

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a legitimate remote administration tool for IT experts and companies to manage their devices with

Source: Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets