Advisory on Recent Kenyan Critical Information Infrastructure DDoS Attack
  • Alert & Advisory
  • July 28, 2023

The Kenyan government, via the Ministry of Interior, claimed that some of the country's online infrastructure had been struck by a wave of Distributed Denial of Service (DDoS) attacks, rendering the country's online platforms unreachable. The attack began on 23 July 2023, barely four weeks after President Ruto released thousands of government services on the e-citizen platform in an effort to boost efficiency and reduce corruption. This platform hosts services such as passport applications and renewals, e-visa issuance, driver's licences, identification cards, and national health records. Kenya's well-known mobile payment system, M-Pesa, as well as the National Transport and Safety Authority (NTSA), Kenya Power and Lighting Company (KPLC), and Kenya Railways, have all been impacted. Anonymous Sudan has claimed responsibility for the attacks.

Hijacked Microsoft IIS Servers Used to Distribute Malware
  • Alert & Advisory
  • July 27, 2023

AhnLab Security Emergency Response Centre (ASEC) has revealed that the North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution. This latest campaign takes advantage of a weakness in INISAFE CrossWeb EX V6 to deliver the Lazarus malware. INISAFE CrossWeb EX V6 is software used to protect against malicious websites and malware attacks; however, it has been reported that the Lazarus group has exploited a vulnerability in it to distribute malware. The malware is installed when a system running a vulnerable version of INISAFE CrossWeb EX V6 visits a website via a web browser.

Watering Hole Attacks
  • Alert & Advisory
  • July 23, 2023

ngCERT recently observed several cases of watering hole attacks that target groups of people who are somehow connected, whether they work for the same company, belong to the same social club, or have a common interest or background. The goal of this attack is to compromise as many of these users' devices as possible and, in some cases, gain access to their organization's network. In other words, a watering hole attack occurs when cyber criminals use skills such as hacking and social engineering to target individuals, groups, or organizations on a website they frequent. Alternatively, the attacker can direct the victim(s) to a website that they have compromised.

Critical Vulnerability Discovered in Popular WordPress Plugin
  • Alert & Advisory
  • July 22, 2023

The popular WordPress plugin “Essential Addons for Elementor” by WPDeveloper was found to contain a vulnerability that could allow remote attackers to escalate their privileges to administrator on the site. The plugin has more than a million active installations, and the vulnerability affects versions 5.4.0 to 5.7.1.

Android Smartphones Vulnerable to Fingerprint Brute Force Attacks
  • Alert & Advisory
  • July 24, 2023

A new method of bypassing user authentication on smartphones running the Android, HarmonyOS, and iOS operating systems has been discovered. Its discoverers, Tencent Labs and Zhejiang University, dubbed the method 'BrutePrint' because it uses brute-force attacks against modern smartphone authentication mechanisms such as fingerprints to bypass user authentication and take control of the device.
