HACKRead
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
A new Android malware poses as popular applications like WhatsApp, Instagram, and Snapchat to steal user data, including login credentials.
The Hacker News
Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing
Fake Android apps mimicking popular platforms like Google & WhatsApp are stealing user data.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
The Record
School exams are no reason to block internet access, groups tell Iraq’s leaders
Iraq is one of the few countries that has repeatedly cut off the internet to prevent alleged exam cheating.
CyberNews
TikTok and ByteDance file lawsuit to block US divest-or-ban bill
TikTok and Chinese parent company ByteDance filed suit in US federal court seeking to block a law that would force the company to divest from TikTok or face a ban.
CyberNews
Shadow political ads thrive on Facebook during India’s election
A report shows that myriad Facebook political ads in India during its current election season are run by fake and stolen accounts – despite Meta banning such practice.
HACKRead
Cuckoo Mac Malware Mimics Music Converter to Steals Passwords and Crypto
Cybersecurity researchers from Mac security provider, Kandji, have discovered a new malware dubbed "Cuckoo" targeting macOS users.
Ars Technica
These dangerous scammers don’t even bother to hide their crimes
Cybercriminals openly run dozens of scams across social media and messaging apps.
CyberNews
Microsoft goes passwordless on all consumer accounts
Microsoft has launched passkeys enabling users to drop passwords to access the company’s accounts.
The Hacker News
Google Announces Passkeys Adopted by Over 400 Million Accounts
Google announces over 400 million accounts now use passkeys - the passwordless authentication solution.
SecurityWeek
CISO Conversations: Talking Cybersecurity With LinkedIn's Geoff Belknap and Meta's Guy Rosen
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
Cyber Security News
Malware Cuckoo - Previously Unknown Infosteler Spyware Steals Data From MacOS
a previously undetected malware threat for macOS that exhibits characteristics of both an infostealer and spyware.
The Record
More than 100 arrested in Spain in $900,000 WhatsApp scheme
To trick their victims, the scammers posed as a family member — typically a son — in some distressing situation requiring urgent financial help, Spanish police said.
CyberNews
Breaking 2FA authentication: demystifying your security
Multi-factor and 2-factor authentication, its safety and how hackers can overcome it
CyberNews
Meta is now threatening to leave India
Tech giant Meta has said that it will have to cease services in India if the country continues to demand changes to its end-to-end encryption and user data policies.
The Record
Telegram blocks, then unblocks, chatbots used by Ukraine’s intelligence services
Ukraine’s government uses the bots to collect and share real-time information about Russian military activity.
The Cyber Express
TCE Cyberwatch: From Ransomware to Deepfakes, This Week’s Top Cybersecurity Threats
This week's TCE Cyberwatch delves into a range of pressing cybersecurity issues impacting the world today. From the rise of
CyberNews
TikTok CEO vows to 'prevail' and defeat US restrictions
TikTok CEO Shou Zi Chew expects to win a legal challenge to block divest-or-ban legislation signed into law by President Joe Biden and Congress.
CyberNews
US Senate passes TikTok divestment-or-ban bill
The US Senate voted in favor of legislation that would ban TikTok in the United States.
The Hacker News
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases
European police warn that default E2EE could severely hamper efforts to tackle online crimes like child abuse and terrorism.
DarkReading
ToddyCat APT Is Stealing Data on 'Industrial Scale'
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.
The Hacker News
Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft
Kaspersky has uncovered a concerning threat actor, ToddyCat, targeting government and military entities.
Latest Hacking News
Apple Removed Numerous Apps From China App Store
Apple users in China may no longer find various popular apps, such as WhatsApp and Telegram, on the App Store. Apple seemingly removed these apps from the App Store following the Chinese government orders that
The Cyber Express
The 2024 India Elections Cyber Crisis: AI, Deepfakes, and Democratic Integrity
India is currently hosting its general elections, spanning from April 19 to June 1, 2024, across seven phases to elect
The Record
Police warn partnership with tech industry ‘at risk’ over end-to-end encryption
A joint declaration from European police chiefs does not mention Meta by name, but just a few months ago the company began rolling out the technology as default across “all personal chats and calls on Messenger and Facebook.”
CyberNews
Cybercriminals targeting LastPass users
Users of the password manager are being targeted by a phishing campaign instructing them to reset their accounts on fraudulent sites.
CyberNews
Suspicious domains targeting Trump and Biden on the rise – interview
At least 11,974 suspicious domains targeting former President Donald Trump or President Joe Biden have been created since the beginning of last year.
The Record
Ukrainian soldiers’ apps increasingly targeted for spying, cyber agency warns
CERT-UA is attributing the surge to a group tracked as UAC-0184, which was also recently spotted targeting an unnamed Ukrainian entity in Finland.
Ars Technica
LLMs keep leaping with Llama 3, Meta’s newest open-weights AI model
Zuckerberg says new AI model "was still learning" when Meta stopped training.
.webp)
Cyber Security News
“Mobile NotPetya”!! Surge in Zero-click Vulnerabilities, Conditions Favour
The cybersecurity community is sounding the alarm about the growing risk of a "mobile NotPetya" event - a self-propagating mobile malware.
CyberNews
Meta will shut down Threads in Turkey
Meta has said it will temporarily shut down Threads in Turkey due to regulatory requirements linked to the platform’s mandatory tie-in with Instagram.
Bleeping Computer
Cisco Duo warns third-party data breach exposed SMS MFA logs
Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
HACKRead
LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted
Password management giant LastPass narrowly avoided a potential security breach after a company employee was targeted by a deepfake scam.
Security Affairs
LastPass employee targeted via audio deepfake call
Crooks targeted a LastPass employee using deepfake technology to impersonate the company's CEO in a fraudulent scheme.
SecurityWeek
LastPass Employee Targeted With Deepfake Calls
LastPass this week revealed that one of its employees was targeted in a phishing attack involving deepfake technology.
CyberNews
Deepfake scam targets password manager LastPass
The password manager giant with over 25 million users has been targeted by a deepfake call impersonating the company’s CEO.
SC Magazine
AI-generated code potentially used in new Rhadamanthys campaign
A PowerShell script used to deploy the infostealer contains unusually specific comments, researchers say.
SC Magazine
LastPass thwarts attempt to deceive employee with deepfake audio
While the employee did not fall for the scam, LastPass took the incident as an opportunity to spread awareness about deepfakes.
Bleeping Computer
LastPass: Hackers targeted employee in failed deepfake CEO call
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
Infosecurity News
New Android Espionage Campaign Spotted in India and Pakistan
A new cyber espionage campaign, called ‘eXotic Visit,’ targeted Android users in South Asia via seemingly legitimate messaging apps
DarkReading
Zambia Busts 77 People in China-Backed Cybercrime Op
Phony call center company conducted online fraud and other Internet scams.
The Hacker News
'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan
Active Android spyware campaign 'eXotic Visit' targeting users in India and Pakistan.
CyberNews
Ramadan-themed scam targets Muslims worldwide
The scammers have used fake ads offering free mobile internet data to lure victims and steal their personal information in a Ramadan-related campaign.
The Cyber Express
WhatsApp Scam Exposed: Egyptian Brothers Imprisoned for Hacking Consumer Database
The Criminal Court has delivered justice by sentencing two Egyptian brothers to imprisonment for two and a half years for
Cyber Security News
$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and
Security Affairs
Crowdfense is offering a larger $30M exploit acquisition program
Zero-day broker firm Crowdfense announced a 30 million USD offer as part of its Exploit Acquisition Program.
Bleeping Computer
The new features coming in Windows 11 24H2, expected this fall
Windows 11 24H2 is set to arrive on existing devices this fall with several new features, mostly Copilot-related improvements.
CyberNews
Meta overhauls rules on AI deepfakes for Facebook and Instagram
Meta's Facebook, Instagram, and Threads new “Made with AI” label for AI-generated images, video, and audio will help combat disinformation ahead of the US elections.
Cyber Security News
New Fake E-Shopping Attack Hijacking Users Banking Credentials
A fake e-shop scam campaign has been targeting Southeast Asia since 2021, as CRIL observed a surge in activity in September 2022, with the
The Record
British police investigating ‘honey trap’ WhatsApp messages sent to MPs
The probe follows a report uncovering how WhatsApp accounts were contacting targets with suggestive and tailored messages that developed into sexually explicit conversations for the apparent sake of acquiring compromising photographs.
The Record
Thousands of staff, students have sensitive data stolen in University of Winnipeg hack
The Canadian institution, The university, which has more than 18,000 students and 800 staff, said that “the stolen information likely includes the personal information of current and former students and employees.”
The Record
Magecart-style hackers charged by Russia in theft of 160,000 credit cards
Russian authorities took the rare step of publicly identifying suspects in a cybercrime case involving credit card information.
CyberNews
Parental control app exposes live GPS locations of kids on internet
KidSecurity has leaked sensitive information about children for the second time.
CyberNews
Apple services restored after brief global outage
Multiple Apple services, including the App Store, Apple TV+, and Apple Music, were down on Wednesday for users in the US, according to the company's status page.
CyberNews
WhatsApp, Instagram, Facebook outage affects users worldwide
All three of Meta Platforms’ social media apps – WhatsApp, Facebook, Instagram – have been reported down for thousands of users around the world Wednesday afternoon.
Infosecurity News
Infostealers Prevalent in Retail Sector Cybercrime Trends
The findings from Netskope also show a shift in the retail sector’s use of cloud applications
DarkReading
Cyber Threats Intensify in Middle East During Ramadan
How security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.
SC Magazine
'Darcula’ phishing platform targets postal organizations worldwide
Netcraft researchers say the Chinese-language PhaaS platform targeted postal organization in more than 100 countries, including USPS.
CSO
Telesign launches integrated API to combine traditional identity verification channels
Verify API will let customers choose any of the seven verification channels to silently verify all end-users.
CyberNews
Big Tech dominates digital ad market despite antitrust measures
Amazon, Apple, Meta, Microsoft, and Alphabet-owned Google will attract almost two-thirds of US digital ad dollars in 2024.
CyberNews
US officials investigate Meta’s role in sale of illegal drugs – report
Meta, the company behind Facebook, Instagram, and WhatsApp, is being probed for its involvement in the sale of illegal drugs on its platforms.
CyberNews
ICO slams officials for using WhatsApp, Telegram
breach of data protection law that occurred over Telegram and WhatsApp.
SecurityWeek
In Other News: CISA Hacked, Chinese Lock Backdoors, Exposed Secrets
CISA hacked via Ivanti vulnerabilities, Chinese electronic lock backdoors, 12 million secrets exposed on GitHub.
.webp)
Cyber Security News
Hackers Abuse Venmo Payment Service to Steal Login Details
Venmo, a mobile payment service owned by PayPal, facilitates a convenient exchange of money for businesses to transact with customers.
.jpg)
Bleeping Computer
PixPirate Android malware uses new tactic to hide on phones
The latest version of the PixPirate banking trojan for Android employs a previously unseen method to hide from the victim while remaining active on the infected device even if its dropper app has been removed.
The Hacker News
PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users
IBM reports a new evasion technique by PixPirate Android trojan targeting Brazilian users. The malware now hides its icon, making it undetectable on v
%20(1).webp)
Cyber Security News
Android Banking Malware PixPirate Taken Hiding Technique to New Extreme
The Android banking malware known as PixPirate is pushing the boundaries of stealth with innovative techniques to evade detection.
DarkReading
'PixPirate' RAT Invisibly Triggers Wire Transfers from Android Devices
A multitooled Trojan cuts apart Brazil's premier wire transfer app. Could similar malware do the same to Venmo, Zelle, or PayPal?
Bleeping Computer
Windows 10 KB5035845 update released with 9 new changes, fixes
Microsoft has released the KB5035845 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes nine new changes and fixes.
Security Affairs
Insurance scams via QR codes: how to recognise and defend yourself
Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert.
The Record
Russian independent media outlet Meduza faces ‘most intense cyber campaign’ ever
The organization, operating from Latvia and under constant pressure from the Putin regime, says "our tech team has never encountered threats at this scale before.”
The Cyber Express
Sophisticated Fraud Rings Spread Pig Butchering Scams Across Asia
In recent years, the financial industry in India has been marred by the spread of pig butchering scams, a sophisticated
Security Affairs
Security Affairs newsletter Round 462 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Cyber Security News
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories
Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news.
SecurityWeek
In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility
Noteworthy stories that might have slipped under the radar: Google AI bug bounties, font vulnerabilities, IBM opens new training facility.
The Hacker News
Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations
Meta announces plans for interoperability between WhatsApp, Messenger, and third-party messaging services in response to the EU's Digital Markets Act.
DarkReading
Japan on Line Breach: Clean Up Post-Merger Tech Sprawl
A Japanese ministry blames a shared Active Directory between merged tech companies Line and South Korea's Naver for a massive data breach last November.
Infosecurity News
Predator Spyware Targeted Mobile Phones in New Countries
Despite being exposed to human rights violations, the Predator spyware continues to be used across the world – including in new countries
Security Affairs
META hit with privacy complaints by EU consumer groups
This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company
.webp)
Cyber Security News
U.S. Asks NSO Group to disclose Code Related to Pegasus spyware
A U.S. district court has mandated that the Israeli firm NSO Group, known for its Pegasus spyware, must provide WhatsApp with documents
CyberNews
EU is now looking at Meta’s Pay-or-Okay scheme
The EU has asked Meta for more details about its Pay-or-Okay scheme, under which European users are forced to pay if they do not want their data to be used or sold.
The Record
Russia’s chief propagandist leaks intercepted German military Webex conversation
The editor-in-chief of RT said the recording of German air force officials had been provided to her by “comrades in uniform.”
Security Affairs
U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp
A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta.
The Hacker News
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
A U.S. court has ordered Israeli spyware company NSO Group to disclose the source code and functionality details of its Pegasus spyware to Meta.
CyberNews
Court orders Meta to cease using its name in Brazil
Meta could be forced to stop using its name in Brazil after a local tech company – also named Meta – decided to take the tech behemoth to court over the copycat moniker.
HACKRead
Russia Clamps Down on VPNs, Furthering Restrictions on Internet Access
It is worth noting that restricting VPNs may limit Russian citizens' access to the outside world and form broader perspectives.
SecurityWeek
In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware
Unpatched Google vulnerability exploited, 3D printers hacked by white hats, WhatsApp will get NSO Group spyware.
CyberScoop
Predator spyware endures even after widespread exposure, analysis shows
The operators of the Predator spyware rebuilt their infrastructure and operate in at least 11 countries after being exposed last year.
The Record
Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case
A California federal judge ordered the Israeli company to turn over its highly protected secret code as part of discovery in a years-long lawsuit.
Bleeping Computer
Windows 10 KB5034843 update released with 9 new changes, fixes
Microsoft has released the optional KB5034843 Preview cumulative update for Windows 10 22H2 with an updated sharing experience and eight other fixes or changes.
Bleeping Computer
Windows 11 'Moment 5' update released, here are the new features
Microsoft has released the Windows 11 'Moment 5' update for versions 23H2 and 22H2, starting the rollout of new features, such as Windows Copilot skills and plugins, Voice Access, AI enhancements for ClipChamp and Photos, and Narrator improvements.
Infosecurity News
Savvy Seahorse Targets Investment Platforms With DNS Scams
Infoblox said Savvy Seahorse uses fake ChatGPT and WhatsApp bots to lure victims
HACKRead
Savvy Seahorse Using Fake ChatGPT, Facebook Ads in DNS Investment Scam
Savvy Seahorse employs advanced techniques like fake ChatGPT and WhatsApp bots to entice users into high-return investment scams.
Cyber Security News
Savvy Seahorse Hackers Leverage DNS CNAME Records to Exploit Victims
Cybersecurity researchers unveiled a sophisticated scam operation, "Savvy Seahorse," exploiting victims through advanced DNS manipulation techniques.
The Record
Chad suffers internet and telecom disruptions amid deadly political clashes
Internet connectivity and telecommunications in Chad were disrupted following a deadly attack on the country’s internal security agency.
CyberNews
Threat actor uses Facebook to lure victims, sends cash to Russia
A threat actor called Savvy Seahorse creates fake investment platforms, lures in victims through Facebook, and transfers their deposits to a Russian state-owned bank.
Bleeping Computer
Savvy Seahorse gang uses DNS CNAME records to power investor scams
A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns.
The Hacker News
Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub
Xeno RAT, a new player in the malware scene, boasts alarming features for remote system exploitation. Learn more about its impact on Windows systems.
Infosecurity News
Expert Warns of Growing Android Malware Activity
Kaspersky said that in 2023, the number of mobile attacks soared to nearly 33.8 million
CyberNews
Meta’s new team targeting disinformation and AI harms in EU elections
Meta has unveiled plans to activate a dedicated team to combat disinformation and AI harms ahead of the upcoming European Parliament elections.
Loading more articles....