Products & Services
Products & Services
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Band
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS
Industrial Giant ABB Confirms Ransomware Attack, Data Theft
Industrial giant ABB has confirmed that it has been targeted in a ransomware attack, with the cybercriminals stealing some data. The post appeared first on .
Severe Flaw in Google Cloud's Cloud SQL Service Exposed Confidential Data
A new security flaw has been disclosed in the Google Cloud Platform's (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. "The vulnerability could have enabled a malicious actor to escalate from a basic Clou
Dell called on NVIDIA hardware for Project Helix generative AI
On-premises artificial intelligence and specifically trained generative AI are now enterprise trends. Leaders from Dell and NVIDIA and analysts from Forrester Research weigh in. The post appeared first on .
How to use Google Smart Lock on iOS to lock down your Google Account
Learn how easy it is to sign into your Google Account using the Smart Lock app on iPhone without needing two-factor authentication codes. The post appeared first on .
Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google's Threat Analysis Group (TAG) in May
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infra
How an innocuous app morphed into a trojan – Week in security with Tony Anscombe
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool The post appeared first on
GitLab announces AI-DevSecOps platform GitLab 16
GitLab 16 includes more than 55 improvements and new features. Learn about the most notable new technologies in this GitLab platform. The post appeared first on .
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the Vi
Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
The recently identified Buhti operation uses LockBit and Babuk ransomware variants to target Linux and Windows systems. The post appeared first on .
Google Cloud Users Can Now Automate TLS Certificate Lifecycle
Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates for free. The post appeared first on .
Zyxel Firewalls Hacked by Mirai Botnet
A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls. The post appeared first on .
Watch Now: Threat Detection and Incident Response Virtual Summit
Join thousands of attendees as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack. (Login Now) The post appeared first on .
NCC Group Releases Open Source Tools for Developers, Pentesters
NCC Group announces new open source tools for finding hardcoded credentials and for distributing cloud workloads. The post appeared first on .
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company's Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and h
Launch your cybersecurity career with this ethical hacking bundle
Score nearly 70% off this essential cybersecurity certification bundle. The post appeared first on .
Experts laud GDPR at five year milestone
The GDPR, in effect for five years on May 25, has influenced the U.S. data privacy laws and is likely to exert itself when AI creates a new set of privacy challenges. The post appeared first on .
Microsoft warns of Volt Typhoon, latest salvo in global cyberwar
Microsoft published specifics on the Volt Typhoon state-aligned China actor. Experts say raising awareness of threats is critical. The post appeared first on .
Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds
Zyxel Issues Critical Security Patches for Firewall and VPN Products
Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer over
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protection
New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government
An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new
Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. "The attackers can steal credentials and exfiltrate users' data and personal
Webinar with Guest Forrester: Browser Security New Approaches
In today's digital landscape, browser security has become an increasingly pressing issue, making it essential for organizations to be aware of the latest threats to browser security. That's why the Browser Security platform LayerX is hosting a webinar fe
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize wh
Augmenting Your Microsoft 365 EOP and MDO Email Security Infrastructure
In today’s cloud-first approach to managing corporate infrastructure and running applications, more than 56% of global organizations use Microsoft for email. Whether using Microsoft 365 (M365) or Office 365 (O365), this shift to the cloud has supported a
From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise
Since its initial identification in 2013, business email compromise (BEC) has been dominated by executive impersonation. But over the past few years, attackers have adjusted their strategies—opting to impersonate third party vendors and suppliers instead
CISO Guide to Business Email Compromise
Business email compromise (BEC) is the most significant cybersecurity threat to enterprise organizations, with $2.7 billion lost in 2022 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact
The Essential Guide to Cloud Email Security
As organizations have migrated to cloud-based infrastructure and office platforms like Microsoft 365 and Google Workspace, they’ve seen clear benefits: easier collaboration, greater agility, and lower costs and maintenance related to infrastructure. But
Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
Website impersonation detection and prevention company Memcyco raises $10 million in seed funding. The post appeared first on .
New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
Mandiant has analyzed a new Russia-linked ICS malware named CosmicEnergy that is designed to cause electric power disruption. The post appeared first on .
Security Pros: Before You Do Anything, Understand Your Threat Landscape
Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape. The post appeared first on .
China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence
Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised
The second-largest health insurer in Massachusetts was the victim of a ransomware attack in which sensitive personal information as well as health information of current and past members may have been compromised. The post appeared first on .
Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware
The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations. Agrius, also known as Pink Sandstorm (formerly Americium), has a track record of staging destructive data-wipi
GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains
Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to secure their software supply chains. To that end, the search giant is making available the open source framework as a
Shedding light on AceCryptor and its operation
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families The post appeared first on
Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry
At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Irania
What to Look for When Selecting a Static Application Security Testing (SAST) Solution
If you're involved in securing the applications your organization develops, there is no question that Static Application Security Testing (SAST) solutions are an important part of a comprehensive application security strategy. SAST secures software, supp
Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name "c
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency respon
Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021,
Digital security for the self‑employed: Staying safe without an IT team to help
Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business The post appeared first on
GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020,
North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distr
The Rising Threat of Secrets Sprawl and the Need for Action
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has become increasingly challenging, as highlighted by the 2023 State of Secrets Sprawl report, the largest analysis of publ
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX (WinTapix.sys), attributed the malwar
China Bans U.S. Chip Giant Micron, Citing "Serious Cybersecurity Problems"
China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing national security risks. The development comes nearly two months after the country's cybersecurity authority initiated a
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio The post appeared first on
E.U. Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB
EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB
Chinese state-sponsored attack uses custom router implant to target European governments
Learn technical details about this cyberattack, as well as Check Point Research's tips on how to detect and protect against this security threat. The post appeared first on .
Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations
A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company's Permiso P0 Labs, which first de
How to manage and share files online using NordLocker
With NordLocker, you can store, manage and share individual files. Learn how with this step-by-step guide. The post appeared first on .
Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade
New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization's reputation, induce considerable financial losses, and even have serious legal repercussions
How and why to use multiple Apple IDs on the same Mac
There are a few reasons Apple users should sometimes employ a pair of Apple IDs on the same Mac. Here’s how to make it work. The post appeared first on .
Report: More organizations still plan to increase their tech staff
A new Linux Foundation report finds that the global focus is on cloud/containers, cybersecurity and AI/ML skills, and that upskilling is key. The post appeared first on .
GAO Tells Federal Agencies to Fully Implement Key Cloud Security Practices
GAO report underlines the need for federal agencies to fully implement key cloud security practices. The post appeared first on .
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence o
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, imp
Food Distributor Sysco Says Cyberattack Exposed 126,000 Individuals
Food distributor Sysco Corporation says the personal information of over 126,000 individuals was compromised in a recent cyberattack. The post appeared first on .
Dish Ransomware Attack Impacted Nearly 300,000 People
Satellite TV giant Dish Network says the recent ransomware attack impacted nearly 300,000 people and its notification suggests a ransom has been paid. The post appeared first on .
Microsoft: BEC Scammers Use Residential IPs to Evade Detection
BEC scammers use residential IP addresses in attacks to make them seem locally generated and evade detection. The post appeared first on .
Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
The European Union slapped Meta with a record $1.3 billion privacy fine and ordered it to stop transferring user data across the Atlantic. The post appeared first on .
China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States
China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron. The post appeared first on .
Samsung Smartphone Users Warned of Actively Exploited Vulnerability
Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor. The post appeared first on .
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. "The volume of mali
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially m
Warning: Samsung Devices Under Attack! New Security Flaw Exposed
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android ver
US Teenager Indicted for Credential Stuffing Attack on Fantasy Sports Website
Wisconsin teen Joseph Garrison is charged with launching a credential stuffing attack that affected roughly 60,000 user accounts. The post appeared first on .
Pimcore Platform Flaws Exposed Users to Code Execution
Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks. The post appeared first on .
How business email compromise attacks emulate legitimate web services to lure clicks
New BEC cyberattacks use phishing with a legitimate Dropbox link as a lure for malware and credentials theft. The post appeared first on .
Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024
Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it int
Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?
Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because o
Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded
The real cost of a free lunch – Week in security with Tony Anscombe
Don't download software from non-reputable websites and sketchy links – you might be in for more than you bargained for The post appeared first on
Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware
Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popu
Researchers Identify Second Developer of ‘Golden Chickens’ Malware
Security researchers have identified the second developer of Golden Chickens, a malware suite used by financially-motivated hacking groups Cobalt Group and FIN6. The post appeared first on .
WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild. The three security shortcomings are listed below -
Cloudflare Unveils New Secrets Management Solution
Cloudflare introduces Secrets Store, a new solution to help developers and organizations securely store and manage secrets. The post appeared first on .
Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities
Apple has patched 3 zero-days, two of which are the vulnerabilities patched with the tech giant’s first Rapid Security Response updates. The post appeared first on .
This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide
A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tool
Okta’s Security Center opens window to customer insights, including threats and friction
The single sign-on market leader’s Security Center, now generally available, uses Okta Customer Identity Cloud for insights into authentication activity for insights into anomalies, threats and security friction. The post appeared first on .
What is IBM Hybrid Cloud Mesh?
Learn what the expanded cloud offerings mean for potentially smoothing out the line between DevOps and SecOps. The post appeared first on .
Investors Make $6M Bet on Manifest for SBOM Management Technology
Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs). The post appeared first on .
Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!
Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deceptio
How to Reduce Exposure on the Manufacturing Attack Surface
Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the factory floor has accelerated the connection of machinery to digital
Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks
The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China's claim of Taiwan as part
Industrial Secure Remote Access Is Essential, but Firms Concerned About Risks
Secure remote access is essential for industrial organizations, but many are concerned about the associated risks, a new study shows. The post appeared first on .
8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question i
Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats
A wave of layoffs, coupled with increased recruitment efforts by cybercriminals, could create the perfect conditions for insider threats to flourish The post appeared first on .
Quantum Decryption Brought Closer by Topological Qubits
Quantinuum claims the most powerful quantum computer currently available –through cloud-based access from Quantinuum, and available through Azure Quantum in June 2023. The post appeared first on .
New SBOM Hub Helps All Stakeholders in Software Distribution Chain
Lineaje introduces SBOM360 Hub, an exchange allowing software producers, sellers, and consumers to publish, share and use SBOMs and related compliance artifacts. The post appeared first on .
Google Announces New Rating System for Android and Device Vulnerability Reports
Google is updating its vulnerability reports rating system to encourage researchers to provide more details on the reported bugs. The post appeared first on .
Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands
A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, has been
source : hackernews, securityweek, techrepublicsecurity, welivesecurity