Cybersecurity
Category Added in a WPeMatico Campaign
Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. During the attacks the criminals will send a link supposedly to add a meeting to the target’s calendar. In reality the link runs a script to install Mac malware on the target’s machine. Cybersecurity expert Brian Krebs investigated and flagged the issue. […]
SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This long-standing malware campaign leverages a JavaScript malware framework that has been in use since at least 2017. The malware attempts to trick unsuspecting users into downloading what is actually a […]
Mar 04, 2024NewsroomAI Security / Vulnerability As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. “The model’s payload grants the attacker a shell on the compromised […]
Cybersecurity researchers have identified new infrastructure likely used by the operators of the commercial spyware known as Predator in at least 11 countries. By analyzing the domains likely used to deliver the spyware, analysts at Recorded Future’s Insikt Group were able to spot potential Predator customers in Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, […]
Multi-factor & Risk-based Authentication , Security Operations Calls Grow to Block Browser-Based Password Storage as Malware Comes Calling Mathew J. Schwartz (euroinfosec) • March 1, 2024 Hackers want you to store passwords in browsers. (Image: Shutterstock) Typing passwords is a drag. Ever-helpful browser makers and online services know this and offer to save […]
Governance & Risk Management , Government , Industry Specific Officials Express Concern Over Growing Potential for Chinese Maritime Cyberthreats Chris Riotta (@chrisriotta) • February 29, 2024 The U.S. Coast Guard told a House panel on Feb. 29, 2024, that it’s expanding its cybersecurity capabilities. (Image: Shutterstock) The U.S. Coast Guard is expanding its […]
Eken camera doorbells allow ill-intentioned individuals to spy on you Pierluigi Paganini March 03, 2024 Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. […]
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, […]
Taiwan’s Defense Ministry is urging Chunghwa Telecom, the the island’s largest telecom company, to improve its cybersecurity following a data breach that compromised government-related information. The hackers, reportedly believed to be backed by the Chinese government, made off with 1.7TB of data following the Chunghwa compromise and have put it all up for sale on […]