Month: February 2023
PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks
27 February 2023Feb 27, 2023Ravie LakshmananMalware / Cyber Attack The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system. “This file is a legitimate open-source debugger tool for Windows that is generally used to examine […]
Read More
Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme
27 February 2023Feb 27, 2023Ravie Lakshmanan The Dutch police announced the arrest of three individuals in connection with a “large-scale” criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent residence. The arrests were made on January 23, 2023. It’s estimated […]
Read More
Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
24 February 2023Feb 24, 2023Ravie LakshmananMobile Security / Firmware Google said it’s working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what’s called the application processor (AP), it’s just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular […]
Read More
How to Tackle the Top SaaS Challenges of 2023
24 February 2023Feb 24, 2023The Hacker NewsCybersecurity Webinar / SaaS Security Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan and Slack, it’s clear that SaaS apps are a prime target for cyberattacks. The vast amounts of valuable information stored in these apps make them a […]
Read More
How to Use AI in Cybersecurity and Avoid Being Trapped
24 February 2023Feb 24, 2023The Hacker NewsArtificial Intelligence / Cybersecurity The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response, fraud detection, and vulnerability management. According to a report by Juniper Research, the use of AI for fraud detection and prevention is expected to save businesses $11 […]
Read More
CISA Sounds Alarm on Cybersecurity Threats Amid Russia’s Invasion Anniversary
24 February 2023Feb 24, 2023Ravie LakshmananCyber War / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase their cyber vigilance, as Russia’s military invasion of Ukraine officially enters one year. “CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt […]
Read More
Majority of Android Apps on Google Play Store Provide Misleading Data Safety Labels
24 February 2023Feb 24, 2023Ravie LakshmananPrivacy / Data Safety An investigation into data safety labels for Android apps available on the Google Play Store has uncovered “serious loopholes” that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies […]
Read More
Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
23 February 2023Feb 23, 2023Ravie LakshmananEndpoint Security / Cryptocurrency Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs, which made the discovery, said the XMRig coin miner was executed as Final Cut Pro, a video editing software from Apple, which contained an unauthorized modification. “This malware […]
Read More
Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
23 February 2023Feb 23, 2023Ravie Lakshmanan Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023. Tracked as CVE-2022-47966 (CVSS score: 9.8), the remote code execution flaw allows a complete takeover of the susceptible systems by unauthenticated attackers. As many as 24 different products, including […]
Read More
The Secret Vulnerability Finance Execs are Missing
23 February 2023The (Other) Risk in Finance A few years ago, a Washington-based real estate developer received a document link from First American – a financial services company in the real estate industry – relating to a deal he was working on. Everything about the document was perfectly fine and normal. The odd part, he told a […]
Read More