Sep 11, 2023THNCyber Espionage / Malware The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that […]
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly popular. If you aren’t familiar with the term, APIs allow applications to communicate with each other and they play a vital role in modern software development. However, the rise of API use has also led […]
The company was informed that its customer data was stolen on September 6th, 2023, by Troy Hunt, the creator of the data breach notification service ‘Have I Been Pwned’ (HIBP), after a threat actor released it on a hacking forum.
Sep 11, 2023THNPrivacy / Online Security Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. “We believe it is vital to both improve privacy and preserve access to information, whether it’s news, a how-to-guide, or a […]
API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and their far-reaching consequences. The report, based on insights from 1629 cybersecurity experts across the United States, the United Kingdom […]
Introduction HijackLoader is a new malware loader, which has grown in popularity over the past few months. Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have. Based on […]
The UK government appears to have pulled back on a controversial clause in its forthcoming Online Safety Bill that would have forced tech companies to snoop on users’ messages. Clause 110 of the mammoth piece of legislation enables regulator Ofcom to force messaging providers to use “accredited technology” to perform so-called “client-side scanning.” That is, […]
Introduction The Zscaler ThreatLabz team recently observed a surge in tech-support scams, with a noteworthy focus on the utilization of Windows Action Center notifications to display misleading warning messages to users. While the majority of tech-support scams previously centered around counterfeit notifications related to Windows Defender, scammers have since expanded their tactics to include bogus […]
Vendor Risk Management Series B Funding Will Allow Certa to Further Automate Compliance, Procurement Tasks Michael Novinson (MichaelNovinson) • September 8, 2023 Jag Lamba, founder and CEO, Certa (Image: Certa) A third-party management platform founded by a longtime McKinsey consultant closed a funding round to bring further automation to compliance and procurement tasks. […]