Author: Admin
July 31, 2024Ravi LakshmananWeb Security / Compliance Certification authority (CA) DigiCert has warned that it will revoke a subset of SSL/TLS certificates within 24 hours due to an oversight in how it verifies that a digital certificate is issued to a legitimate domain owner. The company said it will revoke certificates that do not have proper domain control checks (CVD). “Before issuing a certificate to a customer, DigiCert verifies the customer’s control or ownership of the domain name for which it is requesting a certificate using one of several methods approved by the CA/Browser Forum (CABF),” this said. One way…
Here’s an introduction to FUDdy: We all know that phishing attacks are growing in scale and sophistication, that artificial intelligence is enabling more sophisticated attacks that evade traditional defenses, and the never-ending shortage of cybersecurity talent means we’re all struggling , to provide a full complement of security teams. Given this reality, security teams must be able to monitor and respond to threats effectively and efficiently. Obviously, you can’t let real threats go unnoticed, but you also can’t afford to waste time on false positives. In this post, we’ll look at some of the ways Material securityA unique approach to…
July 31, 2024Ravi LakshmananCyber attack / threat intelligence Japanese organizations are being targeted by a Chinese nation-state threat that uses a family of malware such as LODEINFO and NOOPDOOR to collect sensitive information from compromised hosts while remaining undetected in some cases for periods of two to three years . Israeli cybersecurity firm Cybereason is tracking a company called Spear Cuckooattributing it as being associated with a well-known intrusion suite called APT10, which is also known as Bronze Riverside, ChessMaster, Cicada, Cloudhopper, MenuPass, MirrorFace, Purple Typhoon (formerly Potassium), and Stone Panda. “The actors behind NOOPDOOR not only used LODEINFO during…
July 31, 2024Ravi LakshmananCyber espionage / threat intelligence Companies in Russia and Moldova have been targeted by a phishing campaign organized by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm FACCT, which said the infection chains lead to the deployment of malware called DDSownloader. Activity was observed this month as well, it added. XDSpy is a menacing actor of uncertain origin who was the first uncovered By the Belarusian Computer Emergency Response Team, CERT.BY, in February 2020. Next analysis by ESET attributed to group to attacks to steal information since 2011, assigned to government…
July 31, 2024Ravi LakshmananMobile Security / Malware Since at least February 2022, a new malware campaign has been observed using malicious Android apps to steal users’ SMS messages as part of a large-scale campaign. The malware, which spans more than 107,000 unique samples, is designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud. “Of these 107,000 malware samples, more than 99,000 of these apps are/were unknown and not available in public repositories,” according to mobile security company Zimperium. said in a report shared with The Hacker News. “This malware monitored OTP messages for more…
July 31, 2024Ravi LakshmananPrivacy / Social Media Meta, the parent company of Facebook, Instagram and WhatsApp, has agreed to a record $1.4 billion settlement with the US state of Texas over allegations it illegally collected the biometric data of millions of users without their permission, in one of the largest fines levied by regulators. against the tech giant. “This historic settlement demonstrates our commitment to standing up to the world’s largest technology companies and holding them accountable for violating the law and the privacy rights of Texans,” said Attorney General Ken Paxton said. “Any misuse of Texans’ confidential data will…
There’s no doubting Paes’ commitment. He’s well aware of the undertaking and is excited about the opportunities in front of him and Indonesian Nation Team–currently ranked 134th in the world. “What I want to achieve is putting Indonesia on the soccer map,” he said. “It’s a huge country, 300 million people and their number one sport is football, or soccer. If you see the amount of support that they get, the potential that is there, it’s just time to fulfill that potential. “And off the field, I also want to be leading by example and have a huge impact there.…
July 30, 2024Hacker newsDark Web Intelligence Learn about the critical threats that can affect your organization and the criminals behind them from Cybersixgill’s threat experts. Each story sheds light on the underground activity, the threat actors and why you should care, and what you can do to reduce your risk. The deep and dark web, also known as the cybercriminal underground, is where criminals gather to share plans, sell goods or services, and recruit others to help with their illegal activities. Understanding how it functions and what information it offers is critical to proactively protecting your environment from attacks, as…
July 30, 2024Ravi LakshmananMobile Security / Spyware A new iteration of a sophisticated Android spyware called Mandragora was found in five apps that were available for download from the Google Play Store and remained undetected for two years. The apps attracted a total of more than 32,000 installs before being removed from the app storefront, Kaspersky said on Monday. Most of the downloads come from Canada, Germany, Italy, Mexico, Spain, Peru and the UK “The new samples included new levels of obfuscation and evasion techniques, such as moving malicious functionality into obfuscated proprietary libraries, using certificate pinning for C2 communication,…
As more people work remotely, IT departments must manage devices spread across cities and countries, relying on VPNs and remote monitoring and management (RMM) tools for system administration. However, like any new technology, RMM tools can also be used maliciously. Threat actors can connect to a victim’s device and run commands, steal data, and remain undetected. This article will look at real-world examples of RMM exploits and show you how to protect your organization against these attacks. What are RMM tools? RMM software simplifies network management by allowing IT professionals to remotely troubleshoot problems, install software, and upload or download…