Cybersecurity
Category Added in a WPeMatico Campaign
Oct 04, 2023THNMobile Security / Spyware New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed […]
ReversingLabs researchers have identified a new, malicious supply chain attack affecting the npm platform. The “typosquatting” campaign first appeared in August and pushed a malicious package, node-hide-console-windows, which downloaded a Discord bot that facilitated the planting of an open source rootkit, r77. This is the first time ReversingLabs researchers have discovered a malicious open source […]
Enlarge / The image a Bing Chat user shared to trick its AI model into solving a CAPTCHA. Denis Shiryaev / Ars Technica Bing Chat, an AI chatbot from Microsoft similar to ChatGPT, allows users to upload images for the AI model to examine or discuss. Normally, Bing Chat refuses to solve CAPTCHAs, which are […]
A dark web user was found selling account credentials allegedly from the Law Enforcement Enterprise Portal (LEEP). The Federal Bureau of Investigation relies on LEEP as a platform that offers specialized investigative tools, analytical solutions, and internal networking opportunities. The alleged FBI LEEP data sale can mean information of a critical nature is at risk […]
The North Atlantic Treaty Organization (NATO) said it is investigating claims that data was stolen from unclassified websites under the military alliance’s control. A hacking group named SiegedSec — which has been at the center of several recent hacks involving U.S. municipalities over the last year — claimed to have stolen 9 GB of data. […]
San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses Pierluigi Paganini October 03, 2023 A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ home addresses and the plate numbers of their vehicles. The Metropolitan Transportation Commission (MTC) is a governmental agency […]
Oct 04, 2023The Hacker NewsSaaS Security / Enterprise Security Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be […]
Endpoint Security APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018 Jayant Chakravarti (@JayJay_Tech) • October 3, 2023 A WeChat Pay payment services sign at Cafe De Coral in Hong Kong (Image; Shutterstock) Security researchers linked a surveillance toolkit called LightSpy to Chinese cyberespionage group APT41. The group used […]
The Madagascar government likely used the Cytrox-developed Predator spyware to conduct political domestic surveillance ahead of the country’s presidential election, according to research by Sekoia. French threat intelligence firm Sekoia’s latest technical analysis of Cytrox’s infrastructure was prompted by recent revelations that Predator had been installed on the iPhone of the former Egyptian MP Ahmed […]