WhatsApp boosts defense against account takeover via malware
WhatsApp announced today the introduction of several new security features, one of them dubbed "Device Verification" and designed to provide...
News
Russian hackers linked to widespread attacks targeting NATO and EU
Poland's Military Counterintelligence Service and its Computer Emergency Response Team have linked APT29 state-sponsored hackers, part of the Russian government's...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures...
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as...
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a...
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its...
New Python-Based “Legion” Hacking Tool Emerges on Telegram
An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for...
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the...
Why Shadow APIs are More Dangerous than You Think
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial...
ChatGPT Security: OpenAI’s Bug Bounty Program Offers Up to $20,000 Prizes
OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to...
Kyocera Android app with 1M installs can be abused to drop malware
A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download...
DDoS attacks shifting to VPS infrastructure for increased power
Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT...
Windows admins warned to patch critical MSMQ QueueJumper bug
Security researchers and experts warn of a critical vulnerability in the Windows Message Queuing (MSMQ) middleware service patched by Microsoft...
Hyundai data breach exposes owner details in France and Italy
Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning...
Microsoft shares guidance to detect BlackLotus UEFI bootkit attacks
Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society...
The Service Accounts Challenge: Can’t See or Secure Them Until It’s Too Late
Here's a hard question to answer: 'How many service accounts do you have in your environment?'. A harder one is:...
North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was...
Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total...
Cybercriminals charge $5K to add Android malware to Google Play
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000,...
3CX confirms North Korean hackers behind supply chain attack
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based...
Kodi discloses data breach after forum database for sale online
The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and...
