Cybersecurity
Category Added in a WPeMatico Campaign
Oct 04, 2023The Hacker NewsSaaS Security / Enterprise Security Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be […]
Endpoint Security APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018 Jayant Chakravarti (@JayJay_Tech) • October 3, 2023 A WeChat Pay payment services sign at Cafe De Coral in Hong Kong (Image; Shutterstock) Security researchers linked a surveillance toolkit called LightSpy to Chinese cyberespionage group APT41. The group used […]
The Madagascar government likely used the Cytrox-developed Predator spyware to conduct political domestic surveillance ahead of the country’s presidential election, according to research by Sekoia. French threat intelligence firm Sekoia’s latest technical analysis of Cytrox’s infrastructure was prompted by recent revelations that Predator had been installed on the iPhone of the former Egyptian MP Ahmed […]
Recent research from Menlo Labs has uncovered a sophisticated phishing campaign aimed at executives employed across industries, such as banking, insurance, property management, real estate, and manufacturing. The U.S.-based organizations have been the primary targets. Diving into details The phishing campaign began in July and abused an open redirection vulnerability on the job search platform […]
Oct 04, 2023THNSupply Chain / Malware A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what’s an instance of a […]
A county in Wisconsin is responding to a ransomware attack that targeted its public health department and forced officials to take some systems offline. Officials in Rock County, Wisconsin told Recorded Future News that they experienced a cyberattack on September 29 that affected several of their computer systems. The attack targeted the Rock County Public […]
The European Parliament agreed on Tuesday to strengthen protections for journalists from government surveillance as part of the proposed European Media Freedoms Act. As originally proposed last September, the law would have prohibited surveilling journalists and their families — and banned the use of spyware to target their devices — except in the cases of […]
Oct 04, 2023THNCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]
Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach. The lawsuit filed last week against CarePointe — an ear, nose, throat, sinus and hearing provider […]