In episode 338, we discuss the recent breach of the two-factor authentication provider Authy and its implications for users. We also explore a massive password list leak titled ‘Rock You 2024’ that has surfaced online. Find out why this file…
Tag: EN
Honor Launches ‘World’s Slimmest’ Foldable AI Smartphone
Huawei spin-off Honor looks to compete with Samsung, Huawei, Apple with slim Magic V3 foldable handset that includes on-device AI This article has been indexed from Silicon UK Read the original article: Honor Launches ‘World’s Slimmest’ Foldable AI Smartphone
Tesla Delays Robotaxi Event To October
Tesla shares volatile after report says it delays robotaxi event two months to allow teams to build more prototypes This article has been indexed from Silicon UK Read the original article: Tesla Delays Robotaxi Event To October
SpaceX Falcon 9 Rocket Explodes In Orbit
Second stage of SpaceX Falcon 9 rocket explodes in orbit in company’s first failure since 2016, endangering Starlink satellites This article has been indexed from Silicon UK Read the original article: SpaceX Falcon 9 Rocket Explodes In Orbit
GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data
A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware. Based on a…
Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months
The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) announced today that major retail banks will phase out the use of One-Time Passwords (OTPs) for bank account logins within the next three months. This change…
A week in security (July 8 – July 14)
A list of topics we covered in the week of July 8 to July 14 of 2024 This article has been indexed from Malwarebytes Read the original article: A week in security (July 8 – July 14)
Several DOD IT Programs Still Don’t Have a Cyber Strategy, Watchdog Finds
The U.S. Government Accountability Office’s annual assessment of the Defense Department’s IT spending revealed that several programs lack approved cybersecurity strategies, leaving them vulnerable to potential cyberattacks. This article has been indexed from Cyware News – Latest Cyber News Read…
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority…
Google Lines Up $23bn Swoop For Startup Wiz Security
Google is in talks to acquire security startup Wiz Security This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Lines Up $23bn Swoop For Startup Wiz Security
Malicious NuGet Campaign Tricking Developers To Inject Malicious Code
Hackers often target NuGet as it’s a popular package manager for .NET, which developers widely use to share and consume reusable code. Threat actors can distribute malicious code to many projects by compromising the NuGet packages. In August 2023, ReversingLabs…
ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution
ViperSoftX is an advanced malware that has become more complicated since its recognition in 2020, to the extent that eBooks are used on Torrent sites to spread across systems. Unlike other kinds of malware developers who mainly focus on developing…
Akira Ransomware Attacking Airline Industry With Legitimate Tools
Airlines often become the target of hackers as they contain sensitive personal and financial details of passengers as well as travel schedules and loyalty programs. Since airlines are attractive to threat actors, disrupting their operations can be quite damaging to…
ClickFix Deception: A Social Engineering Tactic to Deploy Malware
McAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal. This article has been indexed from Cyware…
Exein Raised $16.3 Million Series B to Stop Robotic Arms Going Haywire
Exein, a Rome-based startup, is addressing the critical issue of device security in the IoT space. The company recently secured €15 million (~$16.3 million) in a Series B funding round led by cybersecurity-focused VC 33N. This article has been indexed…
Threat Actor Claiming Breach of Coingecko Database, 1.9M Email Address
A threat actor has claimed responsibility for breaching the database of CoinGecko, a leading cryptocurrency data aggregator. The alleged breach has reportedly compromised 1.9 million email addresses, raising significant concerns about data security in the cryptocurrency industry. The Alleged Breach…
Beware Of Weaponized EBooks That Deliver AsyncRAT
EBooks are popular, and their popularity lucrative threat actors the most, as they are widely shared digital assets that can easily circumvent security measures. Threat actors exploit users’ trust in seemingly harmless documents by embedding malware in eBook files or…
DarkGate Malware Exploiting Excel Files And SMB File Shares
DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised Samba shares. Initially a human-operated command-and-control infrastructure, DarkGate has evolved into a versatile tool offering remote…
Credential-Stealing OSS ‘Crystalray’ Attacks Jump 10X
Crystalray’s attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the “SSH-Snake” tool to exploit vulnerabilities in Atlassian Confluence. This article has been indexed from Cyware News –…
White House to Require Increased Cybersecurity Protocols for R&D Institutions
Federal research agencies will now require covered institutions to implement cybersecurity programs for research and development security due to threats from China. The goal is to increase awareness of security threats and enable apt responses. This article has been indexed…