The feature will route third-party traffic through proxies, making users’ IP addresses invisible to specific domains, while adapting to safeguard against cross-site tracking.
Affected Platforms: WindowsImpacted Users: Windows usersImpact: The information collected can be used for future attacksSeverity Level: Medium In 2023, the InfoStealer market is a reasonably crowded affair. The likes of RedLine, Raccoon, and Vidar own a significant market share, with new entrants such as SaphireStealer appearing frequently. The latest entry, ExelaStealer has now taken the […]
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious Google ad for KeePass, the open-source password manager which was extremely deceiving. We previously reported on how brand impersonations are a common occurrence these days due to a feature known as tracking templates, but this […]
The vendor has released a patch (version 1.3.79) to fix the flaw (CVE-2023-5360), and users are recommended to upgrade as soon as possible, but a website cleanup may be necessary to remove any infections or malicious files.
Users should carefully review app permissions and ensure they are using the latest version of the app to minimize the risk of being targeted by spyware or fake notifications.
Oct 10, 2023NewsroomPassword Security / Technology Google on Tuesday announced the ability for all users to set up passkeys by default, five months after it rolled out support for the FIDO Alliance-backed passwordless standard for Google Accounts on all platforms. “This means the next time you sign in to your account, you’ll start seeing prompts […]
AWS said most-privileged users, and eventually more account types, will be required to use multifactor authentication beginning in mid-2024. The move makes the cloud giant the first of the three major hyperscalers to commit to MFA baseline controls by default. “AWS is further strengthening the default security posture of our customers’ environments by requiring the […]
LightSpy, a malware deployed in a 2020 watering hole attack against iOS users, has been found to be embedded with a set of 14 plugins that are responsible for private data exfiltration. Researchers have attributed the malware to the Chinese state-sponsored APT41 group, which previously had used DragonEgg and WyrmSpy spyware to target Android users. […]
A new phishing campaign detected by Perception Point and reported by Akamai is targeting Booking.com users and is a prime example of the lengths threat actors will go to for a payday. This attack exemplifies the alarming threat levels the hospitality sector as a whole faces in 2023 as threat actors leverage InfoStealer malware compromised […]