General Security News
-
SandStrike – Previously Unknown Android Malware Attacks Android Users Via VPN App
Android users are being targeted by threat actors using spyware known as SandStrike, which is delivered via malware-infected VPN applications....
-
Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of...
-
Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python...
-
Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for...
-
Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak)...
-
Why Identity & Access Management Governance is a Core Part of Your SaaS Security
Every SaaS app user and login is a potential threat; whether it's bad actors or potential disgruntled former associates, identity management and...
-
OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa
A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial...
-
New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be...
-
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated,...
-
These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites
A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and...
-
Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones
A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones. The now patched vulnerability,...
-
An Unofficial Patch Has Been Released for Actively Exploited Windows MoTW Zero-Day
There is an unofficial patch from 0patch for a Zero-Day flaw in Microsoft Windows that allows bypassing the MotW (Mark-of-the-Web) protections...