Items tagged with cybersecurity
Security researchers at Any.Run have found a new zero-day attack currently being used by threat actors to evade detection tools used by security professionals. This new technique “evades antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your...
Read more...
It might seem as if threat actors have been more heavily targeting mobile users lately with malware and exploits, but it doesn’t mean desktop users can drop their guard. Researchers at ESET have discovered a vulnerability in several Mozilla products, which are currently being exploited by a Russian hacking group known...
Read more...
Companies that offer AI services to the public, like Anthropic and OpenAI, try to prevent out-of-pocket behavior from their AI models by establishing "guardrails" on them, hopefully preventing their AIs from doing things like asking their human users to "please die." These guardrails prevent the networks from engaging...
Read more...
Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says that “this is one of the more serious vulnerabilities that we have reported on in our 12 year history.”
The affected...
Read more...
Security researchers at Kaspersky have discovered malware, dubbed SteelFox, which has been spreading “via forums posts, torrent trackers and blogs” since February of last year. It’s a potent piece of malicious software that attackers can use to extract a whole host of data from a victim’s computer, and can even enable...
Read more...
In what feels like a serious case of déjà vu, a piece of Android malware initially discovered two years ago, and spotted this time by cybersecurity firm Zimperium, is making the rounds again with a new version sporting several alarming advancements. While the malicious app has a new coat of paint, the aim is still the...
Read more...
A joint statement by the Federal Bureau of Investigations (FBI) and Critical Infrastructure Security and Resilience (CISA) have revealed that parties affiliated with People's Republic of China have gained access to U.S. commercial telecommunication infrastructure. Some of the phones targeted by the attack...
Read more...
With threat actors constantly targeting Android users with spam to distribute new malware, and even going so far as to repurpose older malware, Google is upgrading Messages to better protect users. The company is bringing “new controls and features to make your conversations on Google Messages even more secure and...
Read more...
Security software provider Kaspersky, which will soon be banned from selling or providing its services in the United States, promised a smooth transition for current customers. However, many of these customers were shocked to find that their Kaspersky antivirus software had suddenly deleted itself and was...
Read more...
In what feels like déjà vu, a particular piece of Android malware has managed to sneak its way back into apps available in the Google Play Store after initially being discovered in 2019. The security research team at Kaspersky shared that the "Necro" trojan was found within several popular apps that, according to...
Read more...
Researchers at Cado Security have found new malware targeting maOS users, which is dubbed “Cthulhu Stealer.” The malicious app attempts to deceiver users by masquerading as legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. It’s incredibly similar to Atomic Stealer, malware first released in...
Read more...
Security researchers at Cisco Talos have discovered a set of vulnerabilities affecting macOS users who have Microsoft applications installed on their computers, providing more attack vectors for malicious actors. The researchers say that “an attacker could bypass the operating system’s permission model by using...
Read more...
More malware targeting Mac users has been found by searchers at security firm Elastic Security Labs. The malicious software has been dubbed “Banshee Stealer,” and it is able to compromise systems using either Intel or Apple Silicon chips. The researchers says that “this malware presents a severe risk to macOS users...
Read more...
This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an automated worm with zero user interaction required, and it gives the remote attacker the ability to execute code on the...
Read more...
Yet another leak of stolen data has made its way to Breach Forums, a popular site for bad actors who traffic in this kind of data theft. The data originates from the breach of National Public Data, which is a service that gathers information from separate sources to form profiles on individuals located in several...
Read more...
Security firm Cleafy has discovered a new piece of Android malware being used in the wild, dubbed BingoMod. BingoMod is designed to steal money from a victim by committing On Device Fraud, which makes it easier to bypass security measures used by banking institutions. The threat actors appear to be targeting users...
Read more...
Apple users located across 98 countries have received notifications from the company that they have been targeted in a recent spyware campaign, according to a report by TechCrunch. This is part an initiative by Apple to warn users who are typically at higher risk of being targeted in these kinds of attacks, such as...
Read more...
Security firm Symantec has posted a bulletin about a smishing (SMS phishing) campaign currently targeting Apple users in the United States. The end of goal for these threat actors is to take over a user’s Apple ID, which provides them access to an individual’s personal information, financial information, and...
Read more...
Cybersecurity firm Check Point Research has discovered a potent piece of Android malware, called Rafel, being utilized by threat actors. The malware is an open-source remote administration tool (RAT) and Check Point Research says that it has already observed “an espionage group leveraging Rafel in their...
Read more...
It appears that AMD is now the latest victim of cybercrime and a data breach, as company data is being offered for sale on a message board frequented by criminal hackers. AMD acknowledged the situation in a statement, noting that, "we are aware of a cybercriminal organization claiming to be in possession of stolen AMD...
Read more...
Threat actors are actively trying to exploit VPN environments that make use of remote access at an accelerated rate, in order to infiltrate and attack enterprise networks, according to cyber security firm Check Point. The company says the intent is to “discover relevant enterprise assets and users, seeking for...
Read more...
Are you looking to get some laundry done on the cheap or, even better yet, free? It turns out a security flaw in a popular internet-connected laundry machine vendor could allow anyone to avoid paying the fee for washing or drying clothes. This vulnerability was reported to the vendor months ago and remains unfixed...
Read more...