Goldoson malware, a new Android malware outbreak, has been found in over 60 genuine Google Play Store apps with over 100 million downloads. ONE shop, a popular South Korean third-party app marketplace, has logged eight million more installations. The rogue…
Tag: Information Security Buzz
Phishing Operations Escalating As Threat Actors Utilize AI Tools
In the latest ThreatLabz Phishing Report from zero trust security firm Zscaler, the number of phishing campaigns worldwide increased by about 50% in 2022 compared to 2021, partly because of new AI tools that threaten actors could access and phishing…
Apple MacOS Devices Now Subject Of LockBit Ransomware
According to MalwareHunterTeam, the LockBit ransomware group is purportedly working on a new variant of malware that may encrypt data on Apple macOS. Although LockBit has traditionally concentrated on Linux and Windows systems, this would be the first instance of…
NCR Datacenter Affected By Massive Ransomware Attack
Ransomware struck American payments company NCR datacenter, focusing on one of its data facilities in Aloha, Hawaii. A few days after beginning to look into a “problem” with its Aloha restaurant point-of-sale (PoS) product, the company disclosed the hack on…
Google Uncovers “APT41” Tools Targeting Media And Job Sites
The data theft assaults against a Taiwanese media outlet and an Italian job search firm were carried out by the Chinese state-sponsored hacking organization APT41, which was discovered abusing the GC2 (Google Command and Control) red teaming tool. Chinese state-sponsored…
Chinese App Uses Android Flaw To Spy On Users, CISA Warns
The Chinese app for e-commerce Pinduoduo is suspected of having used a high-severity Android vulnerability as a zero-day to spy on its users, in line with the U.S. Cybersecurity and Infrastructure Security Agency (CISA). For unpatched Android devices, this security…
What Are Computer Worms And How To Prevent Them
Have you ever heard of computer worms? These malicious programs can cause havoc on your computer system and compromise your data. In the world of cybersecurity, computer worms are a serious threat. They are malware that spreads through networks, infecting…
Catch Up On News And Events That Happened This Week
Here is catching up on news and events that happened this week in the world of cybersecurity. Estonian National Charged in U.S. for Acquiring Hacking-Tools An Estonian was prosecuted for buying U.S. military and government equipment for Russia. On March…
Darktrace Research Reveals No Proof Of LockBit Compromise
On Thursday, the cybersecurity firm Darktrace released a statement after being mentioned on the LockBit ransomware group’s breach website. We learned of tweets from the cybercriminal LockBit earlier this morning, which claimed to have infiltrated Darktrace’s internal security systems and…
Kodi Data Breach Hits 400,000 Users’ Records & Private Messages
After hackers stole the Kodi Foundation’s MyBB forum database, which contained user information and private messages, and made an attempt to sell it online, the organization disclosed the Kodi data breach. Open-source, cross-platform Kodi is a media player, organizer, and…
How To Easily Cut Cloud Costs In A Time Of Soaring Expenses
European cloud costs are soaring, with analysts predicting an increase of almost a quarter this year alone. As a result, enterprises are adjusting cloud strategies to ensure greater efficiency and control. That includes more effective use of network monitoring –…
WhatsApp Improves Defense Against Malware-Based Account Takeover
Many new security features for WhatsApp have been unveiled today, one of which is called “Device Verification” and is intended to offer improved defense against account takeover (ATO) assaults. Device Verification stops malware from impersonating accounts and using stolen authentication…
Superyacht-Maker Lürssen, Targeted By Ransomware Attacks
Over the Easter weekend, a well-known manufacturer of high-end yachts for the super-wealthy was the victim of a ransomware assault; however, it is unclear if private client data was taken. German Superyacht-Maker Lürssen, established in 1875, is thought to generate…
Hyundai Data Breach In France & Italy Reveals Car Owners
Hyundai Notifies Vehicle Owners in France and Italy of Data Breach. Hyundai, a South Korean multinational automaker that sells over 500,000 automobiles a year throughout Europe, has announced a data breach that has affected car owners in France and Italy.…
Lazarus Hacker Group Evolves Means In DeathNote Campaign
DeathNote’s Lazarus Hacker Squad Evolves Its Strategies, Tools, and Targets as part of a long-running operation known as DeathNote. The Lazarus hacker Group, a North Korean threat actor, has been observed swiftly developing its tools and methods and shifting its…
Top 10 AI Jobs Taking Over With Automation
As technology evolves, artificial intelligence is becoming more prevalent in various industries. While AI technology is designed to make our lives easier, it’s also transforming job industries and taking over human responsibilities. Here we look at automation processes that AI…
Finding ChatGPT Vulnerabilities May Pay Hackers Up To $20,000
As part of its bug bounty program, introduced on April 11, 2023, OpenAI is paying white hat hackers up to $20,000 to discover security holes and ChatGPT Vulnerabilities. The ChatGPT developer introduced the effort as part of their dedication to…
Top 17 Free Online Phishing Tools
With the increase in online transactions and digital communication, the threat of phishing scams has become more prevalent than ever hence the need for phishing tools. Phishing scams have become increasingly common in recent years and can significantly threaten your…
Insider Threat and Ransomware: A Growing Issue
Ransomware is a growing epidemic. 2022 saw a slew of high-profile attacks leading to massive paydays for cybercriminals. While the headlines sound the alarm for businesses concerned about their data safety, they create allure amongst would-be thieves looking for their…
Cybercriminals To Add Android Malware On Google Play Up To $20,000
Depending on the type of malicious behaviour that online criminals demand, malware producers have established a booming market. This is where they offer to add dangerous Android malware apps to Google Play for anywhere between $2,000 and $20,000. On hacker…
Yum! Brands Report Data Breach After Ransomware Attack
A notice of security breach to warn the public has been filled by a Yum! Brands, Inc., the parent company of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grills. Based on a cybersecurity incident that happened in mid-January…
Military Intel Leak Investigated By US Officials
Top US officials are investigating a military intel leak. This extraordinary level of detail in the files revealed how the United States spies on both allies and enemies. This has left U.S. officials and their foreign allies stunned and occasionally…
Estonian National Charged in U.S. for Acquiring Hacking-Tools
An Estonian national has been accused in the US of buying electronics and computer hacking tools developed in the US on behalf of the Russian military and government. Andrei Shevlyakov was detained on March 28 in Estonia. In the US,…
Detailed Analysis Of The Best Password Managers In 2023
Online security is now a top worry for all internet users in the digital era. Using secure and distinctive passwords for each of your online accounts is one of the primary steps to protecting your online identity and sensitive data.…
Review Of News And Events That Happened This Week
Here is the rundown of news and events that happened this week in the world of cybersecurity. TMX Financial Reveals 4.8 Million Persons Affected By Data Breach TMX Finance, an American consumer loan company, announced a major data breach three…
MSI Confirms Cyberattack After Fresh Demand From Ransomware Group
MSI (short for Micro-Star International), a Taiwanese PC vendor, revealed today that its network had been compromised in a cyberattack in response to claims of a ransomware attack. The Money Message ransomware group allegedly breached some of MSI’s systems earlier…
Microsoft, Fortra Gains Legal Rights Against Cobalt Strike Abuse
To combat the widespread exploitation of Cobalt Strike abuse, a legitimate testing tool that attackers have used to devastate the healthcare sector, Microsoft and two partner organizations have been given a court order. In a project unveiled on Thursday, the…
OpenAI To Proffer Solutions To Italy’s ChatGPT Ban
Regulators announced Thursday that the company behind ChatGPT would submit ways to address the data protection issues that prompted a temporary Italian ban on the artificial intelligence chatbot. This means that OpenAI to profer solutions to Italy’s ChatGPT ban. Last…
Google Wants Android Apps To Have More Control Of Data Policy
Google strives to increase the security of Play Store apps and make users more aware of how Android apps use their data. Google is adopting a new policy for Android apps developer to give users and developers more control and…
How HTTPS Works And Overview Of Its Components
In the modern world, technology has enabled people to connect and communicate virtually anywhere. With the internet being a critical part of our lives, we transmit and receive a vast amount of sensitive data daily, from banking information to personal…
YouTube Alerts About Phishing Emails that Appear Authentic
The authentic no-reply@youtube.com email address is being used in a new phishing scam that YouTube is investigating and alerting users to. The scam attempts to trick users into divulging their login information. One of the biggest video-sharing websites in the…
Marketplace 600K Records Leaked by Database Snafu
More than 600,000 records from a well-known online store have leaked due to a database bug. Concerns have been made about the security and privacy of users’ personal information in the wake of the incident brought on by a system…
Google TAG Alerts Of ARCHIPELAGO Cyberattacks Linked To North Korea
In a new revelation, North Korean military-linked hackers posed as journalists to target North Korean policy experts. The research from Google’s Threat Analysis Group (TAG) follows Mandiant’s analysis from last week. APT43, a group of alleged North Korean government hackers,…
Spain’s Extremely Dangerous And Evasive Hacker Now In Custody
The police in Spain have taken José Luis Huertas, 19, into custody. He goes by the aliases “Alcaseca,” “Mango,” and “Chimichurri.” The creation of the Udyat (the eye of Horus) search engine, which is dedicated to selling massive quantities of…
Police Capture Genesis Market, Biggest Venue For Online Fraud
One of the most important online criminal sites, Genesis Market, was taken down on Tuesday in an FBI-led investigation involving more than a dozen international partners. Genesis has been connected to millions of financially driven cyber incidents worldwide, from fraud…
Arid Viper Using Upgraded Malware In Middle East Cyberattacks
Since September 2022, Palestinian entities have been targeted by Arid Viper, a threat actor observed using updated versions of its malware toolkit. According to Symantec, which monitors the group under the name Mantis, the adversary is taking significant measures to…
TikTok Fined £12.7 Million For Violating Children Data Protection
TikTok was fined £12.7 million (~$15.7M) for violating UK’s children data protection law, particularly child protection requirements. The Information Commissioner’s Office (ICO) said today that the video-sharing site “did not do what is expected” to examine who was using their…
OneNote Security Tightened By Microsoft To Block 120 File Extensions
After allegations that the note-taking service is being increasingly misused for malware transmission, Microsoft has revealed steps to automatically remove embedded files with “dangerous extensions” in OneNote security. Users were previously presented with a window warning them that opening specific…
Capita Cyberattack Made Its Microsoft Office 365 Programs Inaccessible
Capita has acknowledged that a cyberattack occurred last Friday. Many clients across the UK, including government organizations, experienced disruption due to the incident, which disrupted access to internal Microsoft Office 365 apps at the IT services and consultancy firm. In…
Western Digital Reveals Network Breach, My Cloud Is Unavailable
Western Digital reported today that a compromise in its network allowed an unauthorized person access to several corporate systems. The network security vulnerability was discovered last Sunday, March 26, according to a press release from the California-based manufacturer of computer…
TMX Financial Reveals 4.8 Million Persons Affected By Data Breach
On March 30, 2023, TMX Finance Corporate Services, Inc. (hereafter referred to as “TMX Finance” or “TMX”) notified the Attorney General of Maine of a data breach. This is after realizing that a third party had gained access to and…
Summary Of News And Events That Happened This Week
Here is the rundown of news and events that happened this week in the world of cybersecurity. 14 Million Customer Details Breached In Latitude Financial Firm A significant security breach took the personal data of 14 million Australians and New…
Tor Browser: What Is It? And How It Can Aid In Identity Protection
Privacy and anonymity are increasingly becoming rare commodities in today’s digitally-driven world. With governments and corporations tracking our online activities, protecting our identity and online data has become imperative. One such action is using the Tor Browser without disclosing your…
FDA Sets New Medical Devices Cybersecurity Standards
Beginning on October 1, the Food and Drug Administration(FDA) will “refuse to accept” medical devices and associated systems due to cybersecurity concerns, according to a March 29 announcement from the agency. Beginning March 29, all new device submissions must have…
Maintaining Data Integrity With Growing Cybersecurity Concerns
The significance of keeping data integrity has never been more important in a world where data breaches appear to occur every day. It is because cybersecurity threats are expanding at an alarming rate. Businesses must take proactive steps to ensure…
Ukraine Cyberpolice Dismantles Fraud Ring That Stole $4.3 million
The Ukraine cyberpolice has detained members of a fraud ring that defrauded over a thousand people in the EU out of over $4,300,000. The criminal organization set up over 100 fictitious “phishing” websites to lure customers with discounted goods from…
Supply Chain Attack By Hackers On 3CX Desktop App
The 3CX desktop app is being utilized with a digitally signed and trojanized version by an ongoing supply chain attack to target the customers of the business. 3CX is a software development company that specializes in VoIP IPBX, and its…
US Gives Costa Rica $25M For Eradication Of Conti Ransomware
The US provides $25 million to Costa Rica for the eradication of Conti ransomware. To aid the nation in recovering from a devastating ransomware attack that rendered numerous crucial agencies inoperable last year, the US government is handing the government…
iOS vs. Android – Which Is The More Secure Platform?
When it comes to choosing a mobile operating system, the two giants that come to mind are iOS vs. Android. Both offer unique features and functionalities, but security is one of the most critical factors users consider when choosing a…
Barracuda Ransomware Report
38% of organisations hit with ransomware in 2022 were repeat victims Highlights: Barracuda Networks, Inc., a trusted partner and leading provider of cloud-first security solutions, today published its 2023 Ransomware Insights report, which shows that 73% of the organisations surveyed report…
North Korean APT43 Group Finances Spy Activities Via Cybercrime
The North Korean APT43 cybercrime group, the threat intelligence firm Mandiant thinks is using cybercrime to finance espionage operations, was the subject of a report released by Mandiant. The group, also known as Hidden Cobra, has a history of participating…
New Fake Tor Browser Theft Campaign Steals Over $400,000 In Crypto
Russians and people in Eastern Europe are the targets of an increase in fake Tor Browser installations that hijack clipboards to steal cryptocurrency transactions. Although this assault is not particularly innovative or novel, Kaspersky scientists caution that it is nevertheless…
France Bans TikTok And Other ‘Fun Apps’ On Government Devices
The next nation to take action to block TikTok and Other ‘Fun Apps’ on government-controlled devices is France. The announcement of the change and its justification was made in a statement by Stanislas Guerini, the Minister of Public Transformation and…
Executive Order Limiting Usage Of Commercial Spyware Signed
On Monday, President Joe Biden of the United States issued an executive order restricting federal agencies’ use of commercial spyware. According to the order, the spyware ecosystem “poses serious security or counterintelligence threats to the United States Government or significant…
New IcedID Variants Switch From Delivering Malware To Bank Fraud
The banking Trojan program IcedID, which has recently been used to spread ransomware, has two new variations that security experts have observed being utilized in attack campaigns. The two new variations are lighter than the original since certain functionality has…
Pwn2Own Hacking Competition Awards Over $1 Million In Vancouver
Following the conclusion of Pwn2Own Vancouver 2023, competitors received $1,035,000 and a Tesla Model 3 for exploiting 27 zero-day vulnerabilities between March 22 and March 24. Security researchers targeted devices in the enterprise applications and communications, the local elevation of…
OpenAI: ChatGPT Payment Data Leak Caused By Open-Source Bug
A glitch in the open-source software of the widely-used language model, OpenAI’s ChatGPT payment, has led to a significant data leak. As per OpenAI’s confirmation, the bug resulted in ChatGPT payment inadvertently exposing its paid users’ payment details along with…
14 Million Customer Details Breached In Latitude Financial Firm
The personal information of 14 million Australians and New Zealanders was stolen as a result of a serious security breach. Systems at consumer lending company Latitude Group revealed on Monday that the information had been stolen from them after a…
Rundown Of News And Events That Happened This Week
Here is the rundown of news and events that happened this week in the world of cybersecurity. FBI Detains Owner Of Notorious Cybercrime Forum, BreachForums BreachForums founder Conor Brian Fitzpatrick, 26, of New York, was arrested by the FBI. This…
GitHub Replaces Exposed RSA SSH Key To Keep Git Operations
After unintentionally publishing its private SSH key, GitHub.com rotated it. The software development and version control provider took action out of “an excess of caution” after the private RSA key was briefly exposed. GitHub acknowledged this week that a public…
WooCommerce Payments Plugin Patches Critical Vulnerability
Developers of the popular WooCommerce payments plugin recently identified a critical security flaw that could have affected over 500,000 WordPress sites. The plugin, developed by Automattic, offers a fully integrated payment solution for WooCommerce, making it a highly attractive target for cybercriminals…
City Of Toronto Admits Data Theft, Clop Takes Blame
The City of Toronto has acknowledged today that a third-party vendor did provide unlawful access to Municipal data in the City of Toronto. Access is only permitted for files that cannot be transferred securely to a third party. A city…
New Government Cyber Security Strategy Vital For Healthcare
The Senate Homeland Security Committee cleared legislation on March 30, 2022, aimed at enhancing the cyber readiness of the U.S. healthcare sector. The proposed “Healthcare Cybersecurity Act,” or S. 3904, calls for collaboration between the U.S.The agency responsible for cybersecurity…
German and South Korean Agencies Alerts of Kimsuky’s Attacks
German and South Korean intelligence agencies have issued a joint warning against the increasing cyber-attack tactics of a North Korean hacker group called Kimsuky. The group, believed to be backed by the North Korean government, has been targeting organizations in…
Malicious ChatGPT Chrome Extension Targets Facebook Accounts
Around 9,000 people have downloaded a trojanized version of the genuine ChatGPT plugin for Chrome from the Chrome Web Store, hijacking Facebook accounts in the process. The extension is a clone of the genuine “ChatGPT for Google” Chrome add-on, which…
Windows 11 Snipping Tool Vulnerability Exposes Sensitive Data
The Windows Snipping Tool has also been discovered to be vulnerable to a serious privacy problem known as “acropalypse,” which enables users to partially recover content that has been cut out of an image. David Buchanan and Simon Aarons, two…
Google Bans Chinese App Pinduoduo Over Security Concerns
In response to worries about the security of user data, Google has revealed that it has removed the Chinese social e-commerce app Pinduoduo from its Play Store. This action coincides with US tech firms’ growing worries about the security of…
BreachForums Admin Baphomet Closes The Hacking Forum
An important update came up where BreachForums has been officially taken down. Still, Baphomet, the current BreachForums administrator, stressed that “it’s not the end” in an abrupt change of events on March 21, 2023. Baphomet stated in a post on…
NBA Alerts Fans After Hack Of The Third-Party Service Provider
A notice has been issued by the National Basketball Association (NBA) to inform its fans about a data breach incident that resulted in the theft of certain personal information. An email titled “Notice of Cybersecurity Incident” to an unspecified number…
Ferrari Reveals Data Breach After Getting Ransom Demand
Ferrari, a luxury automaker, admitted a data leak after hackers demanded a ransom. The event occurred last month, and the company is cooperating with law police to investigate. The Italian automaker said in a statement that the breach only involved…
Mandiant Zero-Day Exploitation Report 2022
This report shares key findings from the Mandiant zero-day exploitation investigation of 2022. A zero-day vulnerability, according to Mandiant, is one that was used in the real world before a fix was made available. Focusing on zero-day exploits used by…
Royal Dirkzwager Attacked By Play Ransomware Group
The Play ransomware group’s campaign, the most recent in a succession of strikes on the shipping sector, was proven to have affected the Dutch marine transport company Royal Dirkzwager. The company’s CEO, Joan Blaas, who acquired it in October after…
FBI Detains Owner Of Notorious Cybercrime Forum, BreachForums
Conor Brian Fitzpatrick, a 26-year-old native of New York, has been detained by the Federal Bureau of Investigation (FBI) for running BreachForums. Hackers sell their stolen data and confidential information on this notorious cybercrime forum. Charges of computer crime, identity…
What Is Shoulder Surfing? How Does It Affect Cybersecurity
We rely primarily on technology to protect our sensitive data, including financial information, personal information, and corporate secrets, in the extremely digital world we live in today. Our personal and sensitive information is vulnerable to being obtained by evil people…
Healthcare Firm ILS Alerts 4.2 Million People Of Data Breach
A data breach at Independent Living Systems (ILS), a Miami-based supplier of healthcare administration and managed care solutions, exposed 4,226,508 people’s data. This year’s largest revealed healthcare data breach, according to the number of affected individuals. ILS owns and manages…
New Zealand Moves To Ban TikTok On Its Parliament Devices
In response to international cybersecurity concerns, New Zealand has banned the video-sharing app Tiktok on any before the end of this month, gadgets with access to its parliament until. This makes New Zealand the most recent government to place limitations…
ChipMixer Crypto Mixer Shutdown By German & US Authorities
The European and U.S. authorities recently revealed that ChipMixer, a darknet cryptocurrency “mixing” service, had been taken down in a coordinated international operation. Between 2017 and till date, ChipMixer has been implicated in laundering more than $3 billion in cryptocurrencies for…
Microsoft Outlook Zero-Day Vulnerabilities Exposed
On Tuesday, Microsoft released a sizable number of software security updates and published advisories for two zero-day vulnerabilities that still threaten Windows OS users. The software giant from Redmond, Washington, released patches for at least 80 Windows problems and specifically…
Over $10bn Lost To Online Frauds – FBI Internet Crimes 2022 Report
The potential total financial damages as a result of cybercrime in 2022 increased from $6.9 billion in 2021 to roughly $10.2 billion, with a little reduction in the number of complaints made to the FBI. This information is only one…
Cybercriminals Devising More Tactics For Phishing Attacks
Cybercriminals are constantly improving their phishing attacks by implementing new strategies and techniques. In an effort to deceive victims, get around security controls, and stay undetected. Phishing is a form of social engineering assault that is frequently employed to obtain…
Future-Proofing Your Business Against Insider Threats
In today’s digital world, businesses face various cybersecurity threats, including malware, hacking, and phishing scams. Insider threats, unfortunately, are widely ignored. These threats could emerge from former or present staff members, professionals, or affiliates with access to sensitive company data.…
Two Young US Men Charged, Hacked Into DEA Portal In 2022
Prosecutors accused two young American men of breaking into a DEA portal in 2022 yesterday. Given that the portal was connected to the databases of 16 federal law enforcement organizations, the breach offered the criminals access to sensitive data. The…
Rubrik Admits Data Theft In GoAnywhere Zero-Day Attack
The secure file transfer platform Fortra GoAnywhere has a zero-day vulnerability that was used to steal data, according to cybersecurity company Rubrik. The company stated that it had been the target of a widespread attack employing a zero-day vulnerability targeting…
UK Security Minister Scrutinizes TikTok App Over Security Threats
The UK security minister Tom Tugendhat, the National Cyber Security Centre in the UK, is examining whether or not the Chinese-owned video app TikTok ought to be prohibited from being used on official cell phones. Because of concerns that user…
YoroTrooper Cyberspies Aims At EU Embassies, CIS Energy Orgs
Since June 2022, a new threat actor named “YoroTrooper” has been conducting cyberespionage operations against governments and energy companies in CIS nations. According to Cisco Talos, the World Intellectual Property Organization (WIPO), several European embassies, and a crucial European Union…
Researchers Investigating $197 million heist from Euler Finance
In the most recent flash loan attack to strike the sector, hackers reportedly stole $197 million in cryptocurrencies from the decentralized finance (DeFi) platform Euler Finance. Euler finance Labs did not answer requests for comment, but the attack was acknowledged…
1 Million People Affected By Zoll Medical Data Breach
Zoll Medical, a medical technology developer, recently announced that it had suffered a data breach. The company said that the breach was detected at the end of January when it found some unusual activity on its internal network. After investigation,…
The Revolutionizing Power of AI In Cybersecurity
AI in cybersecurity positively affects the rapid evolution of technology, and the threat landscape for cyber-attacks has increased. Cybercriminals are developing increasingly complex attacks, making it increasingly difficult for businesses to keep up with their security measures. This is where…
AT&T Data Breach Hits Nine Million Customer Accounts
In the AT&T data breach, nine million user accounts were compromised after a third-party marketing partner was breached. As a result of the breach, customer data, including first names, account numbers, phone numbers, and email addresses, were exposed. Nonetheless, the…
Cyberthreat on New Email By Exotic Lily
Exotic Lily is known as PROJECTOR LIBRA and TA580, which is an initial access broker (IAB). Since its start, the threat actor has been well-known in the dark web due to its connections to Diavol and Conti, two ransomware outfits.…
GRC: The Ultimate Guide To Governance, Risk, And Compliance
Do you need help keeping up with governance, risk, and compliance (GRC) requirements? With the increasing regulatory demands, managing and mitigating risks and ensuring compliance can be difficult for any organization. But GRC is super important for keeping things ethical,…
Blackbaud Will Pay $3 Million For Misleading Ransomware Disclosure
To settle their charges, Blackbaud has agreed to pay $3 million. The Securities and Exchange Commission (SEC) accused Blackbaud of failing to fully disclose the effects of a 2020 ransomware assault that affected more than 13,000 customers. Many organizations, including those…
Xenomorph Android Malware Steals Data From 400 Banks
A new automatic transfer system (ATS) framework and the capacity to steal login information for 400 banks are two of the main capabilities added to the Xenomorph Android virus in this new iteration. ThreatFabric found the initial iteration in February…
SoulSearcher Malware Released By Chinese Sharp Panda Group
Sharp Panda’s new “SoulSearcher” malware framework is targeting high-profile government agencies in Vietnam, Thailand, and Indonesia. Chinese APTs used the virus to spy on vital Southeast Asian organizations. Check Point found a spear-phishing-based malware campaign that started in late 2022…
Police Seize Netwire RAT Malware Framework, Detains Admin
After seizing the website and bringing down the infrastructure used by criminals connected to the NetWire remote access malware, international law enforcement authorities have declared another triumph over cybercriminals (RAT). A guy who allegedly ran the worldwiredlabs website, which has…
New Rise In ChatGPT Scams Reported By Fraudsters
Since the release of ChatGPT, the cybersecurity company Darktrace has issued a warning, claiming that a rise in criminals utilizing artificial intelligence to craft more intricate schemes to defraud employees and hack into organizations has been observed. The Cambridge-based corporation…
What TikTok’s Data Decision Means For Cybersecurity
TikTok has become one of the world’s most popular social media platforms in recent years. However, TikTok’s data collection policies have been scrutinized, especially regarding cybersecurity. Following pressure from European governments, TikTok recently announced a data security regime for protecting…
The US RESTRICT Act Gains More Support From Lawmakers
The RESTRICT Act has gained more support from lawmakers as concerns over the security implications of foreign technology continue to increase. The legislation aims to strengthen the US government’s ability to identify and act against potential threats from foreign technology,…
There’s A RAT In mi Note, What Am I Gonna Do?
Cybercriminals use Microsoft OneNote attachments in phishing emails to spread malware and password stealers. Phishing campaigns are one of the most typical ways criminals obtain private or sensitive information. According to Verizon Data Breach Investigations Report, 94% of the malware…
Fortinet Issues Critical RCE Vulnerability in FortiOS & FortiProxy
Fortinet has discovered a “Critical” vulnerability affecting FortiOS & FortiProxy. It enables an unauthenticated attacker to run arbitrary code or result in a service denial (DoS) to the GUI of susceptible devices via carefully crafted queries. This kind of bug…