News
-
"Android Banking Trojan SOVA Comes Back With New Features Including Ransomware"Security researchers at Cleafy spotted the Android banking Trojan SOVA in the wild again, which appears to have new features. The researchers stated that SOVA was first spotted in September 2021, when its developers posted a roadmap of future…
-
"Boffins Rate npm and PyPI Package Security and It's Not Good"Computer scientists at North Carolina State University (NCSU) have evaluated software package registries npm and PyPI using Open Source Security Foundation (OpenSSF) Scorecards. In November 2020, the OpenSSF Scorecard project was launched to provide an…
-
"Google Finally Realizes It Needs to Do More to Fight Misinformation in Searches"Google is aware its searches can give misleading results, and now they want to fix that. For example, if one types "can I remove a tick with my teeth?" in Google search, the first thing you'll see is advice from the Centers for Disease Control to "…
-
"Standard for AI Security in Singapore Launched"Artificial Intelligence (AI) adoption has accelerated in recent years, from self-driving autonomous vehicles to AI-assisted medical diagnoses. From 2018 to 2020, the percentage of organizations deploying AI increased fivefold globally. While AI has many…
-
"Organizations Warned of Critical Vulnerabilities in NetModule Routers"Security researchers at Flashpoint are warning organizations of two newly identified critical vulnerabilities in NetModule Router Software (NRSW) that could be exploited in attacks. Acquired by Belden earlier this year, NetModule provides IIoT and…
-
"Thinking like a Cyber-Attacker to Protect User Data"According to MIT researchers, a component of computer processors that connects different parts of the chip can be exploited by malicious agents seeking to steal secret information from programs running on the computer. Modern computer processors contain…
-
"Critical Vulnerabilities Found in Device42 Asset Management Platform"Security researchers at Bitdefender have found multiple critical vulnerabilities in the Device42 asset management platform, including bugs that could be exploited to execute arbitrary code. The Device42 platform helps administrators track…
-
"Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attacks"Palo Alto Networks is currently working on fixes for a reflected amplification denial-of-service (DoS) vulnerability that impacts PAN-OS, the platform powering its next-gen firewalls. The company recently learned that threat actors have attempted…
-
"Ransomware Data Theft Epidemic Fueling BEC Attacks"Security researchers at Accenture have discovered that a surge in corporate data stolen by ransomware gangs is inundating the cybercrime underground with exactly the sort of information fraudsters need to launch convincing business email compromise (BEC…
-
"Hackers Behind Cuba Ransomware Attacks Using New RAT Malware"Threat actors linked to the Cuba ransomware have previously unknown tactics, techniques, and procedures (TTPs), including a new Remote Access Trojan (RAT) called ROMCOM RAT on compromised systems. New information comes from Palo Alto Networks' Unit 42…
-
"Cisco Confirms Network Breach Via Hacked Employee Google Account"Cisco Systems disclosed information about a May hack by the Yanluowang ransomware group, which used a compromised employee's Google account. A post by the company's own Cisco Talos threat research arm calls the attack a potential compromise. During the…
-
"New HTTP Request Smuggling Attacks Target Web Browsers"James Kettle, a security researcher and director of PortSwigger, who previously demonstrated how attackers can exploit flaws in the way in which websites handle HTTP requests, warned that the same issues can be used in browser-based attacks against users…