CanesSpy Spyware Discovered in Modified WhatsApp Versions

Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy.
These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million users.
"The trojanized

https://thehackernews.com/2023/11/caness...ified.html

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally

Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. 
As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important — and difficult. Asking the right questions can help you spot solutions

https://thehackernews.com/2023/11/predic...comes.html

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer.
"Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo Album' file which also drops a second executable written in .NET – this payload is in charge of

https://thehackernews.com/2023/11/nodest...ebook.html

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments.
"Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP)," cloud

https://thehackernews.com/2023/11/kinsin...aw-to.html

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots.
"First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China. While the mysterious control payload – aka kill switch – stripped Mozi bots of most

https://thehackernews.com/2023/11/myster...-mozi.html

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems.
"These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install," software supply chain security firm Phylum said.
All the counterfeit packages have been published by

https://thehackernews.com/2023/11/48-mal...found.html

[b]Delete IMCR Codes, 2017 Ford F250 6.2L[/b]

Hey guys, I have a 2017 F250 with the intake ticking and read in another forum that you can remove the vacuum hoses from the intake actuator and it...


https://forum.hptuners.com/showthread.php?106630-Delete-IMCR-Codes-2017-Ford-F250-6-2L&goto=newpost

How Do We Truly Make Security 'Everyone's Responsibility'?

When everybody is responsible for a task, sometimes nobody takes ownership. Here are three steps to distribute cybersecurity throughout your organization.

https://www.darkreading.com/edge-ask-the...onsibility

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

More than 3,000 systems are exposed and vulnerable to attack on the Internet.

https://www.darkreading.com/attacks-brea...ransomware

Okta Data Compromised Through Third-Party Vendor

After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.

https://www.darkreading.com/remote-workf...rty-vendor