Tag: http://www.infosecurity-magazine.com/rss/news/76/application-security/

Unlike the group’s usual tactics, MQsTTang only has a single stage and does not use obfuscation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Backdoor MQsTTang Attributed to Mustang Panda Group

Read more →

Malicious activity using a particular malware variant has been spotted since September 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Warns Against Royal Ransomware in New Advisory

Read more →

UK’s security agency warns against letting protection lapse This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC: Twitter Users Should Find MFA Alternatives

Read more →

New study uses AI to analyze text of dark web forum users This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: At Least 30% of “Cyber-Criminals” Are Women: Report

Read more →

Small businesses are particularly vulnerable This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Warn of “SMS Pumping” Fraud Epidemic

Read more →

The vulnerabilities could affect users logging into the site via their Facebook accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: API Security Flaw Found in Booking.com Allowed Full Account Takeover

Read more →

The Strategy provides guidelines on how companies allocate roles and responsibilities in cyber space This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: White House Launches National Cybersecurity Strategy

Read more →

Employee data was accessed by the threat actors, including names, addresses, and more This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: WH Smith Discloses Cyber-Attack, Company Data Theft

Read more →

Kremlin hunkers down as war enters its second year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Government Bans Foreign Messaging Apps

Read more →

Regulator says Hancock saga highlights dangers of using WhatsApp This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ICO Calls for Review into Private Message Use by Ministers

Read more →

Users bombarded with fake emails, texts and calls This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Major Phishing Campaign Targets Trezor Crypto Wallets

Read more →

The move will facilitate compliance procedures for private and public sector organizations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Workspace Adds Client-Side Encryption to Gmail and Calendar

Read more →

The recommendations stem from a red team assessment conducted in 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Shares Advice to Improve Networks’ Monitoring and Hardening

Read more →

The findings come from DoControl’s latest SaaS Security Threat Landscape report This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Public SaaS Assets Are a Major Risk For Medium, Large Firms

Read more →

Endpoint security provider Lookout released its Global State of Mobile Phishing Report, which shows an unprecedented rate of mobile phishing attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Record Number of Mobile Phishing Attacks in 2022

Read more →

Threat actors obtained credentials and keys later used to access and decrypt some storage volumes This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Keylogger on Employee Home PC Led to LastPass 2022 Breach

Read more →

Every second counts as threat actors accelerate lateral movement This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Attacker Breakout Time Drops to Just 84 Minutes

Read more →

Satellite TV provider comes clean in SEC filing This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Dish Network Confirms Ransomware Outage

Read more →

Bitdefender moves in record time to help victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Release MortalKombat Ransomware Decryptor

Read more →

Within 90 days, agencies must also cancel existing contracts that necessitate the app’s use This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit

Read more →

Threat actors obtained credentials and keys later used to access and decrypt some storage volumes This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LastPass Data Stolen in August 2022 Breach Used For December Attack

Read more →

Drew Wade, chief of the Marshals Service public affairs office, made the announcement on Monday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Attack Hits US Marshals Service

Read more →

Proofpoint reveals surge in direct financial losses from attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Phone Attacks and MFA Bypass Drive Phishing in 2022

Read more →

Overall malware detections also rise after three years of decline This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Spot Half a Million Novel Malware Variants in 2022

Read more →

Insurer records 91 million attacks in total in January This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: London Honeypots Attacked 2000 Times Per Minute

Read more →

Kaspersky said the figures are more than double what the team observed in 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers

Read more →

A threat actor accessed business documents and emails between February 2020 and January 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: News Corp Reveals Two-Year-Long Breach

Read more →

Asec said the malicious activity observed relied on VHD disk image files This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ChromeLoader Malware Poses as Steam, Nintendo Game Mods

Read more →

Insurance company owner alleged to have skimmed off millions This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: North Carolina Business Magnate Indicted in $2bn Fraud Case

Read more →

Threat actor delivers multiple malware types via PureCrypter This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Governments Targeted by Discord-Based Threat Campaign

Read more →

Men are accused of stealing data on tens of millions of victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Police Arrest Trio in Multimillion-Dollar Extortion Case

Read more →

The claims come from Mozilla’s *Privacy Not Included researchers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Privacy Concerns Raised Over Android Apps’ Data Safety Labels

Read more →

It warned nations’ defenders against disruptive and defacement attacks today This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Calls For Increased Vigilance One Year After Ukraine’s Russian Invasion

Read more →

The move aims to protect the Commission against cybersecurity threats This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: EU Commission Bans TikTok on Corporate Devices

Read more →

Recorded Future claims war in Ukraine is having a major impact This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian IT “Brain Drain” Decentralizes Cybercrime

Read more →

FTC says consumer fraud is up 30% on the previous year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Investment Scams Drive $9bn in Fraud in 2022

Read more →

Trend Micro urges victim organizations to resist extorters demands This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Firms Who Pay Ransom Subsidise 10 New Attacks: Report

Read more →

The Wslink loader can reportedly serve other connecting clients and load additional payloads This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: WinorDLL64 Backdoor Linked to Lazarus Group

Read more →

ReversingLabs cybersecurity researchers spotted 41 malicious PyPI packages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Dozens of Malicious ‘HTTP’ Libraries Found on PyPI

Read more →

The malicious software employs DLL sideloading techniques to run its malicious components This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Use S1deload Stealer to Target Facebook, YouTube Users

Read more →

A fifth of firms use accountants to help with compliance This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ICO Calls on Accountants to Improve SME Data Protection

Read more →

Fortinet detected a 50% increase in destructive attacks in H2 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Invasion Sparks Global Wiper Malware Surge

Read more →

Campaigns designed to steal card information and install malware This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Phishing Sites and Apps Use ChatGPT as Lure

Read more →

The figures come from Synopsys’ new Open Source Security and Risk Analysis report This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Open Source Flaws Found in 84% of Codebases

Read more →

The hackers appear to have a possible interest in industries connected with COVID-19 treatments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hydrochasma Group Targets Asian Medical and Shipping Sectors

Read more →

The malicious packages were reportedly created using automated processes This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Npm Packages Used to Distribute Phishing Links

Read more →

Outage impacts Russian state media websites This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Putin Speech Interrupted by DDoS Attack

Read more →

Extortion found to be most common impact from cyber-attacks in 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Time Taken to Deploy Ransomware Drops 94%

Read more →

Security researchers say hackers successfully exfiltrated content This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Call of Duty Developer Confirms Phishing Attempt but Not Breach

Read more →

The new class of privilege escalation bugs is based on the ForcedEntry attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Privilege Escalation Bug Class Found on macOS and iOS

Read more →

The flaw is triggered using the Race Condition between temporary file creation and deletion This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Exploit Privilege Escalation Flaw on Windows Backup Service

Read more →

Stealc is a fully featured stealer, whose development relied on Vidar, Raccoon, Mars and Redline This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Uncover New Information Stealer ‘Stealc’

Read more →

Trio get 12 years behind bars This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: City Fund Managers Jailed for $8m Fraud

Read more →

Ransomware group tries to demonize carriers in negotiations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Gang Seeks to Exploit Victims’ Insurance Coverage

Read more →

Ransomware group tries to demonize carriers in negotiations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Gang Seeks to Exploit Victim’s Insurance Coverage

Read more →

Many don’t have any security controls in place, says F-Secure This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fifth of Brits Have Fallen Victim to Online Scammers

Read more →

The feature provides a sandbox layer isolating some image files from the rest of the device This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Samsung Launches Message Guard to Protect Users From Cyber-Threats

Read more →

An unauthorized party caused the intermittent redirection of customer websites This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GoDaddy Announces Source Code Stolen and Malware Installed in Breach

Read more →

The malware was used by a previously unknown threat actor against targets in Taiwan This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Frebniis Malware Exploits Microsoft IIS Feature

Read more →

Question marks remain over what happened at New York field office This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI “Contains” Cyber-Incident on its Network

Read more →

Funds were taken in attack on Ronin Network This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Norway Seizes Millions in North Korean Crypto

Read more →

Criminal network comprises French and Israeli gangsters This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Police Bust $41m Email Scam Gang

Read more →

The threat actor initiated infection chains by targeting employees through WhatsApp messages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

Read more →

The document directly mentions APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: EU Cybersecurity Agency Warns Against Chinese APTs

Read more →

One year after the invasion of Ukraine, Google and Mandiant analyzed the cyber strategy of Russia-backed threat actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Report Reveals Russia’s Elaborate Cyber Strategy in Ukraine

Read more →

The newest version of OxtaRAT is a polyglot file combining a compiled AutoIT script and an image This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict

Read more →

The UK National Cybersecurity Centre’s new guidance breaks down the essentials of a good supply chain mapping (SCM) list This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK NCSC Launches Recommendations on Supply Chain Mapping

Read more →

It’s OK Ltd made over 1.7 million nuisance calls This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Firm Fined £200K For “Exploitative” Call Campaign

Read more →

Attempt to trick network defenders into allow-listing remote access app This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Fake Emsisoft Certificate to Hide Attack

Read more →

Email snafu affects staff at Liverpool University Hospital Foundation Trust This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Data Leak Hits Thousands of NHS Workers

Read more →

Combined, the two groups have launched BEC campaigns in at least 13 different languages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Groups Target Firms With Multilingual Impersonation Attacks

Read more →

Core functions are intact, but the city has taken certain non-emergency systems offline This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: City of Oakland Declares State of Emergency After Ransomware Attack

Read more →

The phishing email warned users that there had been fraud on the account This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Leverage PayPal to Send Malicious Invoices

Read more →

Scammers made an estimated $30m in profits in 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Quarter of Crypto Tokens Linked to Pump-and-Dump

Read more →

The average malware variant now utilizes 11 TTPs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Warn of Surge in Multipurpose Malware

Read more →

Security and ethical concerns raised by surveillance commissioner This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Policing Riddled with Chinese CCTV Cameras

Read more →

It is an initiative designed to limit user data sharing in digital advertising This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Launches Privacy Sandbox Beta on Android 13 Devices

Read more →

It shows the threat actor trying to convince Royal Mail to pay the ransom using various techniques This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LockBit and Royal Mail Ransomware Negotiation Leaked

Read more →

The attacks mainly targeted victims in the US but also in the UK, Turkey, and the Philippines This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto-Stealing Campaign Deploys MortalKombat Ransomware

Read more →

Recorded Future analyzed how threat actors have been exploiting VMware ESXi vulnerabilities over the past three years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Analysis: VMware ESXi Attacks Soared in 2022

Read more →

Valentine’s Day outages hit airline and media companies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: SAS App and Website Hit as Attacks Target Swedish Firms

Read more →

February Patch Tuesday contains updates for over 70 CVEs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Patches Three Zero-Day Bugs This Month

Read more →

Indian threat group conducts hundreds of operations in a short time-span This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: SideWinder APT Attacks Regional Targets in New Campaign

Read more →

The infostealer Vidar has returned to the top 10 after an increase in ‘brandjacking’ attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lokibot, AgentTesla Grow in January 2023’s Most Wanted Malware List

Read more →

The group previously targeted government agencies and think tanks in Asia and Europe This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hackers Infiltrate South American Diplomatic Networks

Read more →

Experts say the delay in notifying customers left data potentially open to compromise This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Breach Pepsi Bottling Ventures’ Network

Read more →

Group laundered funds via 100 bank accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Spanish Police Bust €5m Phishing Gang

Read more →

Attack reached 71 million requests-per-second This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloudflare Stops Largest HTTP DDoS Attack on Record

Read more →

Sanctioned mixer Blender is actually Sinbad, says Elliptic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Resurrected Crypto-mixer Launders $100m in North Korean Funds

Read more →

Victim losses associated with online romance scams nationwide totaled approximately $5.9bn in 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cybersecurity Experts Warn Against Valentine’s Day Romance Scams

Read more →

The threat actors used phishing to deliver malicious files created with the Royal Road Weaponizer This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Group-IB Blocks Attack By Chinese Tonto Team Hackers

Read more →

Cybersecurity experts believe senior leadership teams underestimate cyber-threats This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

Read more →

Latest npm and PyPI finds should be kept out of build environments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Uncover 700+ Malicious Open Source Packages

Read more →

Money transfer firm failed to crack down on scam agents This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MoneyGram Fraud Victims Get $115m in Compensation

Read more →

Domain registrar blames upstream provider This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Namecheap Customers Flooded with Phishing Emails

Read more →

The SNP MP revealed details of the incident, in which he clicked on a malicious file purportedly about the military situation in Ukraine This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Politician’s Email Hacked by Suspected…

Read more →

Reddit said there was “no indication” of a breach of the company’s primary production systems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Reddit Hit By Phishing Attack, Source Code Stolen

Read more →

The latest iteration of the document is now analyzing activity by the Maui and H0lyGh0st groups This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Warns Critical Sectors Against North Korean Ransomware Attacks

Read more →

Reversing Labs said aabquerys was able to download second- and third-stage malware payloads This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Malicious Npm Package Uses Typosquatting, Downloads Malware

Read more →

Some industrial systems have been exposed for three years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fifth of ICS Bugs Have No Patch Available

Read more →