Post-quantum cryptography (PQC) algorithms should be implemented to replace vulnerable traditional public key cryptography (PKC) algorithms to mitigate the threat of quantum computers.
Cloud native development practices are creating dangerous new security blind spots for organizations in the US, UK, France and Germany, according to a new study from Venafi. The machine identity specialist polled 800 security and IT leaders from large organizations based in these four countries to compile its latest report: The Impact of Machine Identities on […]
Nov 06, 2023NewsroomMobile Security / Malware Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware. Dropper malware on Android is designed to function as a conduit to install a payload on a compromised device, making it a lucrative […]
The United States, South Korea and Japan have decided to establish a high-level consultative body on cyber issues, primarily to tackle North Korea’s cyber activities, the office of South Korea’s president announced on Monday. The main purpose of the group, which will meet on a quarterly basis, is to strengthen “practical joint response capabilities to […]
Since January 2023, an Iranian advanced persistent threat (APT) actor has been targeting higher education and technology organizations in Israel with wipers, cybersecurity firm Palo Alto Networks reports. Tracked as Agrius, but also known as Agonizing Serpens, BlackShadow, Pink Sandstorm, and DEV-0022, the APT has been active since at least 2020 and is believed to […]
The rate of data encryption following a ransomware attack in healthcare was the highest in the last three years, according to Sophos. Ransomware attacks continue to grow in sophistication Among those organizations surveyed, cybercriminals successfully encrypted data in nearly 75% of ransomware attacks. This is the highest rate of encryption in the past three years […]
The first vulnerability, tracked as CVE-2023-23368, allows remote attackers to execute commands via a network. The second vulnerability, identified as CVE-2023-23369, can also be exploited by remote attackers.
Nov 06, 2023NewsroomCyber Attack / Online Security Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June […]
The botnet uses a domain generation algorithm (DGA) to connect with its command and control server and can be instructed to establish backconnect server connections, allowing infected devices to be used as proxy servers.