Cybersecurity

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

Dec 11, 2023NewsroomVulnerability / Espionage The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation […]

Cybersecurity

UK sanctions nine linked to cyber trafficking in Southeast Asia

The United Kingdom on Friday sanctioned 14 individuals and entities connected to Southeast Asia’s sprawling online scamming industry — the first such designation directly targeting the human traffickers who con workers into carrying out fraud. The sanctions announced by the Treasury target nine individuals with links to so-called “scam compounds” — where workers are held […]

Cybersecurity

Researcher discovered a new lock screen bypass bug for Android 14 and 13

Researcher discovered a new lock screen bypass bug for Android 14 and 13 Pierluigi Paganini December 10, 2023 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts. The security researcher Jose Rodriguez (@VBarraquito) discovered a new lock screen bypass vulnerability for Android 14 and 13. […]

Cybersecurity

Aim for a modern data security approach – Help Net Security

Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Many organizations no longer feel it’s adequate to secure data only once it “settles” in a cloud data warehouse, and know that they must begin […]

Cybersecurity

FBI explains how companies can delay SEC cyber incident disclosures

The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, strategy […]

Cybersecurity

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

Dec 11, 2023NewsroomData Security / Mobile Security Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. “Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while […]

Cybersecurity

Researchers Unveil GuLoader Malware’s Latest Anti-Analysis Techniques

Dec 09, 2023NewsroomMalware / Cyberattack Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. “While GuLoader’s core functionality hasn’t changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing GuLoader a time-consuming and resource-intensive process,” Elastic […]