Sep 15, 2023THNPrivacy / Online Security Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company’s location-privacy practices misled consumers and violated consumer protection laws. “Our investigation revealed that Google was telling its users one thing – that it would no longer
A major data breach at Airbus revealed earlier this week stemmed from a RedLine info-stealer likely hidden in a pirated copy of Microsoft software, according to researchers. The European aerospace giant said it has launched an investigation into the incident. “As a major high-tech and industrial player, Airbus is also a target for malicious actors,”
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1
Video Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States 14 Sep 2023 This week, ESET researchers unveiled their findings about a campaign by the Ballistic Bobcat APT group that deployed
Elon Musk is in the crosshairs of US federal regulators over his handling of privacy and security issues since he took over at X (formerly known as Twitter). In a new court filing made public on September 11, 2023, the US Department of Justice (DoJ) revealed further details about a Federal Trade Commission (FTC) investigation
Employee offboarding is no one’s favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently. That’s easier said than done, especially considering that IT organizations have less visibility and control over employees’ IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and
As the world’s 18th most visited website and 7th most frequented social network, it’s no surprise that Reddit also holds great allure for cybercriminals. Besides an endless number of legitimate subreddits, cute alien pictures as well as annual April Fool’s day events, Redditors may also encounter various kinds of fakery on the site, including scams that
The UK Government suffers from a major shortage of cybersecurity experts, putting critical services at high risk of cyber-attacks, a new report from the Parliament’s Public Accounts Committee (PAC) has found. The Committee revealed a major digital skills shortage in the civil service, which has under half the number of digital, data and tech professionals
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about
Privacy If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend — but is it a true VPN service? The devil is in the details. Márk Szabó 31 Aug 2023 • , 4 min. read In 2021, Apple released a new feature for
ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tool are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since July 2022, respectively, the campaigns have distributed the Android BadBazaar espionage code through the Google Play store, Samsung Galaxy Store, and dedicated
Video ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money 25 Aug 2023 ESET researchers have found a toolkit that is implemented as a Telegram bot and helps less tech-savvy fraudsters scam people on online marketplaces. The toolkit, which ESET experts named Telekopye, creates template-based
ESET Research Listen as ESET’s Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus ESET Research 10 Aug 2023 Press play to learn about the intricate workings of MoustachedBouncer, an advanced persistent threat (APT) group discovered by ESET and first
Video ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites 31 Aug 2023 ESET researchers have uncovered two active campaigns targeting Android users and spreading the BadBazaar espionage code through the Google Play store, Samsung Galaxy Store, and dedicated websites. The
ESET researchers discovered a Ballistic Bobcat campaign targeting various entities in Brazil, Israel, and the United Arab Emirates, using a novel backdoor we have named Sponsor. We discovered Sponsor after we analyzed an interesting sample we detected on a victim’s system in Israel in May 2022 and scoped the victim-set by country. Upon examination, it
Business Security New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought Phil Muncaster 06 Sep 2023 • , 4 min. read Law enforcement remains an integral part of the fight against agile and increasingly well-resourced adversaries. Consumers and businesses, too, can
ESET Research Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims ESET Research 12 Sep 2023 Sextortion emails and other text-based threats have been on a massive increase in H1 2023 and the question remains why. Are criminals just lazy? Are they trying
Video The update to X’s privacy policy has sparked some questions among privacy and security folks, including how long X will retain users’ biometric information and how the data will be stored and secured 08 Sep 2023 Will you give X your biometric data in order to help secure your account on the site? The
MGM Resorts International, a well-known name in the world of hotels and casinos, has experienced a cybersecurity incident. According to a post on X (formerly Twitter), the incident caused trouble for critical parts of the company, including its main website, online bookings and in-casino services such as ATMs, slot machines and card payment machines. “MGM
Sep 12, 2023THNSoftware Security / Vulnerability A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw “could allow an attacker to exploit a race condition within GitHub’s repository creation and username renaming operations,” Checkmarx security researcher Elad Rapoport said in a technical report
Investigations have begun into a massive ransomware attack that has affected Sri Lanka’s government cloud system, Lanka Government Cloud (LGC). The investigation is being conducted by the Sri Lanka Computer Emergency Readiness Team and Coordination Center (CERT|CC). Sri Lanka’s Information and Communication Technology Agency (ICTA) confirmed the attack to several local news outlets on September
Sep 11, 2023THNPrivacy / Online Security Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. “We believe it is vital to both improve privacy and preserve access to information, whether it’s news, a how-to-guide, or a
Security researchers at Cisco Talos have uncovered a scheme that preys on graphic designers and 3D modelers. Cyber-criminals are using cryptocurrency-mining malware to hijack the Graphics Processing Units (GPUs) commonly used in these fields. According to an advisory published by Cisco Talos on Thursday, this campaign has been active since at least November 2021. The
Sep 09, 2023THNMalware / Hacking A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021. “The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp
China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations. These operations aim to mimic US voters across the political spectrum, fueling controversy along racial, economic and ideological lines. The findings come from a new report released by Microsoft Threat Analysis Center (MTAC) on Thursday.
Sep 09, 2023THNMobile Security / Spyware Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and
The UK’s data protection regulator is set to review how period and fertility tracking applications process user information, after revealing that many women have concerns. The Information Commissioner’s Office (ICO) said it has contacted the developers of many of these apps to find out more. It also wants users to come forward and share their
Sep 08, 2023THNZero Day / Cyber Attack Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software over the past several weeks to infiltrate their machines. The findings come from Google’s Threat Analysis Group (TAG), which found the adversary setting up fake accounts on social
A left-leaning think tank has urged a new UK Labour government to place cybersecurity front-and-center of its policymaking, borrowing from the Biden administration playbook where necessary. Progressive Britain’s new paper, CyberSecuronomics: Cybersecurity and Labour’s Modern Industrial Strategy, argued that the current Conservative government’s commitment to cyber is “insufficiently ambitious.” It said the UK still invests
Sep 07, 2023THNBotnet / Cyber Threat A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for
- « Previous Page
- 1
- …
- 42
- 43
- 44
- 45
- 46
- …
- 123
- Next Page »