South America Archives

Winsage

March 20, 2025

11 nation-state groups exploit unpatched Microsoft zero-day

Since 2017, at least 11 state-sponsored threat groups have exploited a Microsoft zero-day vulnerability in Windows shortcut files for data theft and cyber espionage. Researchers from Trend Micro's Trend Zero Day Initiative have identified nearly 1,000 malicious .lnk files utilizing this flaw, designated as ZDI-CAN-25373, which allows attackers to execute hidden commands on victims' devices. The attacks involve various payloads, including the Lumma infostealer and Remcos remote access Trojan, with North Korean operatives responsible for over 45% of the incidents, while Iran, Russia, and China account for approximately 18% each. Notable advanced persistent threat groups involved include Evil Corp, Kimsuky, Bitter, and Mustang Panda. Microsoft has not yet released a patch for this vulnerability, which is considered unusual, and while Microsoft Defender can detect and block related threats, organizations are advised to remain vigilant and implement protective measures against potential exploitation.

Winsage

March 18, 2025

New Windows zero-day exploited by 11 state hacking groups since 2017

At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a Windows vulnerability tracked as ZDI-CAN-25373 since 2017 for data theft and cyber espionage. Microsoft has classified this vulnerability as "not meeting the bar for servicing," meaning no security updates will be released. The flaw allows attackers to execute arbitrary code on affected Windows systems by concealing malicious command-line arguments within .LNK shortcut files, using padded whitespaces to evade detection. Nearly 70% of the analyzed attacks linked to this vulnerability were related to espionage, while 20% aimed for financial gain. Various malware payloads, including Ursnif, Gh0st RAT, and Trickbot, have been associated with these attacks. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. Microsoft has not assigned a CVE-ID to this vulnerability but is tracking it internally as ZDI-CAN-25373. A Microsoft spokesperson mentioned that the company is considering addressing the flaw in the future.

AppWizard

February 28, 2025

Facebook Messenger is down worldwide as

Users worldwide are experiencing significant disruptions with Facebook Messenger, starting around 10:30 AM ET, affecting regions including the United States, the United Kingdom, Europe, Australia, South America, and Asia. Facebook Messenger has about one billion users as of early 2025. Meta's other messaging platform, WhatsApp, faced similar issues during this outage, with over 8,200 complaints logged on Downdetector in the United States. This incident is reminiscent of a previous outage four years ago that lasted seven hours and resulted in a significant revenue loss, attributed to a faulty update. During that outage, access systems at Facebook's Menlo Park campus were also disrupted. The current situation has led to user frustration and raised concerns about the reliability of major tech firms' infrastructure.

AppWizard

February 28, 2025

India’s first dedicated PC and console game publishing house closes pre-seed founding round

1312 Interactive has completed its pre-seed founding round, establishing itself as India's first dedicated PC and console game publishing house, founded by Deepak Gurijala and Raviteja Mantena. The company aims to discover and publish indie and AA games for global audiences and has received support from industry leaders, including Akshat Rathee, Gautam Virk, Rajat Ojha, and others. The founders plan to elevate Indian games in the global market and are exploring collaborations with developers in Southeast Asia, the MENA region, and South America. They have three titles scheduled for release in 2025: Winds of Arcana, Palm Sugar: A Village Story, and Souls of Bombarika, with plans to introduce six to eight additional games annually.

Tech Optimizer

February 6, 2025

New Report Antivirus software Market to Reach New Heights by 2034

The global antivirus software market is projected to grow from approximately USD 4.5 billion in 2024 to around USD 9.2 billion by 2034, reflecting a compound annual growth rate (CAGR) of about 6.7% from 2025 to 2034. The market is analyzed by various criteria, including type (standalone, integrated, cloud-based), device (computers, tablets, smartphones, servers), operating system (Windows, macOS, Android, iOS, Linux), and end user (individual, enterprise, government). Key players in the industry include Symantec Corporation, McAfee Inc., Kaspersky Lab, Trend Micro Inc., Avast Software s.r.o., Bitdefender, ESET, Sophos, F-Secure, Panda Security, Microsoft Corporation, NortonLifeLock Inc., Check Point Software Technologies, CrowdStrike Holdings, Inc., SentinelOne, Cylance Inc., Malwarebytes, Qihoo 360 Technology Co. Ltd., and AhnLab Inc. The report also provides regional analysis for North America, Europe, Asia-Pacific, South America, and the Middle East and Africa.

Winsage

December 17, 2024

FBI spots HiatusRAT malware attacks targeting web cameras, DVRs

The FBI has issued a warning about HiatusRAT malware that targets vulnerable web cameras and DVRs, particularly focusing on Chinese-branded devices lacking security updates. In March 2024, HiatusRAT actors conducted a scanning campaign against Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the UK. They exploit known vulnerabilities, including CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, and CVE-2021-36260, as well as weak vendor-supplied passwords. Primary targets include Hikvision and Xiongmai devices with telnet access. Attackers use tools like Ingram and Medusa to exploit devices with exposed TCP ports such as 23, 26, 554, 2323, 567, 5523, 8080, 9530, and 56575. The FBI recommends limiting the use of affected devices and isolating them from broader networks. Previous attacks linked to HiatusRAT include targeting a Defense Department server and compromising businesses through DrayTek Vigor VPN routers. Lumen, a cybersecurity firm, noted that HiatusRAT is designed to deploy additional payloads and turn compromised systems into SOCKS5 proxies. The targeting strategy aligns with broader Chinese strategic interests as highlighted in the 2023 annual threat assessment by the Office of the Director of National Intelligence.

AppWizard

December 12, 2024

Meta goes down: users struggle to access Facebook, Instagram and more

Meta experienced a global outage affecting Instagram, Facebook, WhatsApp, Threads, and Messenger, starting around 1 PM ET. By 5:30 PM, Meta reported being "99% of the way there" in resolving the issues, which had generated over 130,000 complaints according to Downdetector. The outage impacted users in the US, UK, Europe, Asia, Australia, and South America, with specific issue reports as follows: Facebook (over 100,000), Instagram (62,000), Messenger (10,000), WhatsApp (11,000), and Threads (871). Users expressed frustrations on X, criticizing CEO Mark Zuckerberg. This incident followed a similar outage in October, raising concerns about Meta's service reliability.

Tech Optimizer

December 10, 2024

Phone Antivirus Software Market to Witness Massive Growth in Years to Come

HTF Market Intelligence has released a study on the Global Phone Antivirus Software Market, covering 143 pages and analyzing market trends from 2024 to 2032. The market is expected to grow from .7 billion in 2024 to a projected value by 2032, with a CAGR of 10.5%. It includes categories such as Mobile Antivirus, Malware Protection, Anti-theft, and Privacy Protection, and applications like Personal Devices, Mobile Security, Data Protection, and App Security. The report highlights North America as the dominating region and Asia-Pacific as the fastest-growing region. It aims to identify key manufacturers, analyze market share, examine growth factors, assess future trends, and investigate recent developments. A five forces analysis and a PESTLE analysis are included to evaluate market conditions. The report's structure includes sections on market overview, pricing analysis, segmentation, competitive analysis, and research methodology.

AppWizard

December 3, 2024

SpyLoan Android malware on Google Play installed 8 million times

A recent investigation by McAfee identified 15 SpyLoan Android malware apps on Google Play, which collectively received over 8 million installs, mainly targeting users in South America, Southeast Asia, and Africa. These apps disguised themselves as legitimate financial tools, enticing users with false promises of quick loan approvals. Upon installation, users were required to validate their location and submit sensitive personal information. The malware harvested extensive data from users' devices, including SMS messages, GPS locations, and contact lists. Users who secured loans faced high-interest payments and harassment from the operators, who sometimes contacted the borrowers' family members. Notable apps included Préstamo Seguro-Rápido and Préstamo Rápido-Credit Easy, each with 1,000,000 downloads. Despite Google's app review processes, these malicious apps evaded detection. Users are advised to read reviews, check developer reputations, limit app permissions, and activate Google Play Protect.

AppWizard

December 2, 2024

These dangerous Android malware apps have been installed millions of times

Researchers have identified 15 predatory loan applications on the Google Play Store that collectively garnered eight million downloads before being removed. These apps, which falsely advertised low-interest loans, engaged in extortion and harassment of users, particularly targeting individuals in South America, Southeast Asia, and Africa, including countries like Mexico, Colombia, and Senegal. The apps requested a one-time passcode to access user location information for their predatory practices. Users are advised to check app ratings, download numbers, and reviews to verify app legitimacy.