Active since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug, and has been historically associated with the use of the ComRAT malware. Also known as Wauchos or Gamarue, Andromeda has been active since at least September 2011, ensnaring infected machines into […]
The flaws, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, have been chained and exploited against Android phones, but they impact custom Samsung components. The security holes have been described as an arbitrary file read/write issue via a custom clipboard content provider, a kernel information leak, and a use-after-free in the display processing unit driver. Read More
The first year of a Chinese law requiring mandatory disclosure to the government of vulnerability reports correlates to a period of increased zero-day exploitation by Beijing-backed hackers. That’s the conclusion from computing giant Microsoft, which says the mandatory disclosure regulation “might enable elements in the Chinese government to stockpile reported vulnerabilities toward weaponizing them.” Read […]
Latest Comments