The Federal Communications Commission is warning mobile phone service providers to ensure they are shielding customers from cybercriminals who use fraudulent SIM swaps to take over unwitting victims’ mobile phone accounts. The warning comes on the heels of a Cyber Safety Review Board (CSRB) finding announced in August. The board detailed the operations of the […]
ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, […]
A sweeping congressional review of eight major pharmacy chains’ privacy practices found that none require a warrant prior to sharing customers’ records with law enforcement, and three of the eight do not require any legal review of such requests, according to an announcement Tuesday from Sen. Ron Wyden. Wyden urged the Biden administration to revise […]
The exposed information included donor names, addresses, payment methods, and even sensitive data about children associated with the organizations, posing a potential risk for phishing attacks and fraudulent donation requests.
Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed […]
The United Kingdom’s Ministry of Defence has been fined £350,000 (about $440,000) for its failure to protect the information of Afghans who worked with the British government and sought relocation shortly after the Taliban took control of Afghanistan in 2021. The Information Commissioner’s Office (ICO) said it is issuing the fine because the mistake “could […]
Dubai’s largest taxi app exposes 220K+ users Pierluigi Paganini December 12, 2023 The Dubai Taxi Company (DTC) app, which provides taxi, limousine, and other transport services, left a database open to the public, exposing sensitive customer and driver data. Dubai Taxi Company, a subsidiary of Dubai’s Roads and Transport Authority, leaked a trove of sensitive […]
Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you’ll need to address them. Decrypting HTTPS traffic Hypertext Transfer Protocol Secure (HTTPS), […]
Ukraine’s defense intelligence directorate (GUR) said it infected thousands of servers belonging to Russia’s state tax service with malware, and destroyed databases and backups. During the operation, Ukraine’s military spies said they managed to break into one of the “key well-protected central servers” of Russia’s federal tax service (FNS) as well as more than 2,300 […]