Cybersecurity

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Feb 08, 2024NewsroomData Protection / Mobile Securit Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. “This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive […]

Cybersecurity

Malicious Excel File Drops Python Info-stealer | Cyware Hacker News

A recent analysis by Fortinet’s FortiGuard Labs has unveiled a sophisticated Python-based info-stealer distributed through a malicious Excel document. The attack exemplifies the innovative techniques cybercriminals employ to breach personal and organizational data. Diving into Details At the core of this campaign is the use of Excel 4.0 macros, a legacy feature that remains supported […]

Cybersecurity

Signature Techniques of Asian APT Groups Revealed

The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian Advanced Persistent Threat (APT) groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and Procedures, published today, is based on an examination of around one hundred cybersecurity incidents that unfolded across different regions globally, commencing […]

Cybersecurity

China Unleashes AI-Powered Image Generation For Influence Operations

China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations. These operations aim to mimic US voters across the political spectrum, fueling controversy along racial, economic and ideological lines. The findings come from a new report released by Microsoft Threat Analysis Center (MTAC) on Thursday. […]

Cybersecurity

API Vulnerabilities: 74% of Organizations Report Multiple Breaches

API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and their far-reaching consequences. The report, based on insights from 1629 cybersecurity experts across the United States, the United Kingdom […]

Cybersecurity

Mend.io SAML Vulnerability Exposed

WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential exploitation.  Mend.io, a provider of application security solutions with over 1000 customers, has swiftly addressed the issue. The vulnerability centers on Mend.io’s implementation of the Security Assertion Markup Language (SAML) login option, a standard method […]

  • 1
  • 2