News
-
"421M Spyware Apps Downloaded Through Google Play"It has been discovered that spyware masquerading as a marketing Software Development Kit (SDK) has infested 101 Android apps, with over 421 million downloads. Researchers at Doctor Web refer to the malicious SDK as "SpinOk" and report that it is…
-
"Safe Aid: Protecting Privacy in Humanitarian Operations"EPFL researchers collaborated with the International Committee of the Red Cross (ICRC) to develop a privacy-preserving humanitarian aid distribution system. The system's design uses tokens to decentralize the storage and processing of recipient data,…
-
"New Go-written GobRAT RAT targets Linux Routers in Japan"GobRAT, a new Remote Access Trojan (RAT) written in the Go programming language, targets Linux routers in Japan, according to the JPCERT Coordination Center. To execute malicious scripts and deploy the GobRAT malware, threat actors are targeting Linux…
-
"UA Little Rock Receives $1 Million Grant to Protect Against Energy-Focused Cyberattacks"The University of Arkansas at Little Rock and its partners have announced the expansion of the Emerging Threat Information Sharing and Analysis Center (ET-ISAC) to bolster the fight against the growing risk of cyberattacks in the energy sector. This new…
-
"New 'Bandit Stealer' Malware Siphons Data From Browsers, Crypto Wallets"Cybersecurity researchers at Trend Micro have discovered a new information-stealing malware targeting browsers and cryptocurrency wallets. The malware called Bandit Stealer has only targeted Windows systems so far, but it can potentially spread to other…
-
"CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security"Cybersecurity researchers at Trend Micro have warned about CAPTCHA-breaking services being offered for sale to circumvent systems designed to differentiate between legitimate users and bot traffic. CAPTCHA, which stands for Completely Automated Public…
-
"Clever 'File Archiver in the Browser' Phishing Trick Uses ZIP Domains"A new 'File Archivers in the Browser' phishing kit exploits ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser in order to trick users into launching malicious files. Google recently began allowing the registration of…
-
"Penetration Tester Develops AWS-Based Automated Cracking Rig"Max Ahartz, a penetration tester, realized that building a custom cracking rig for research would be costly, so he built one on Amazon Web Services (AWS). In an interview with Help Net Security, he discussed the process and the specifics of his creation…
-
"Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives"As the summer holiday season approaches, travel-themed phishing scams are gathering momentum, posing a significant threat to individuals and organizations. According to a recent McAfee survey, 30 percent of adults have fallen victim to or know someone…
-
"Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised"The second-largest health insurer in Massachusetts was recently the victim of a ransomware attack in which sensitive personal information and health information of current and past members may have been compromised. Point32Health stated that a “…
-
"Dark Web Data Leak Exposes RaidForums Members"Nearly half a million members of a notorious cybercrime forum have recently had their details publicly exposed after a key database was published on another hacking site. Cybersecurity researchers at VX-Underground confirmed the news that over 478,…
-
"Retailer Database Error Leaks Over One Million Customer Records"According to WebsitePlanet, a database configuration error at a popular automotive retailer led to the exposure of 1TB of records, including customers’ personal information. Security researcher Jeremiah Fowler reported the incident to the web-…