Apr 03, 2024NewsroomWeb Security / Vulnerability A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL […]
Apr 02, 2024NewsroomCyber Espionage / Threat Intelligence A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. “Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities,” Trend Micro security researcher […]
Apr 02, 2024NewsroomBrowser Security / Data Security Google has agreed to purge billions of data records reflecting users’ browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by tracking […]
Apr 02, 2024NewsroomMalvertising / Threat Intelligence The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, […]
Apr 01, 2024NewsroomCryptocurrency / Financial Fraud The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals “were lured with employment opportunities to that country but were forced to undertake illegal cyber work,” the Ministry of External Affairs (MEA) […]
Apr 01, 2024NewsroomBotnet / Mobile Security Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang […]