Tag: http://www.infosecurity-magazine.com/rss/news/76/application-security/

Researchers warn of spyware hidden in legitimate-looking apps This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Evil Telegram Mods Removed From Google Play

Read more →

The findings come from a new report released by Microsoft Threat Analysis Center on Thursday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China Unleashes AI-Powered Image Generation For Influence Operations

Read more →

Cisco Talos reported that the campaign has been active since at least November 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-criminals Exploit GPUs in Graphic Design Software

Read more →

The team has discovered the exploitation of at least one zero-day flaw in the last few weeks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google TAG Exposes North Korean Campaign Targeting Researchers

Read more →

Vladislav Klyushin hacked into US filing agents to discover non-public information about hundreds of companies on the US stock exchange This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Man Handed Nine-Year Sentence for Hacking Scheme

Read more →

Apache flaw can enable remote command execution This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Adds Critical RocketMQ Bug to Must-Patch List

Read more →

ICO reveals over half of women are worried about their data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Regulator to Investigate Fertility App Security Concerns

Read more →

Apache flaw can enable remote command execution This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Adds Critical RocketMQ Bug to Must-Patch List

Read more →

Users of iOS devices urged to enable lockdown mode This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Apple Patches Two Zero-Days Exploited in Pegasus Attacks

Read more →

The Traceable report is based on insights from 1629 cybersecurity experts across the US, UK and EU This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: API Vulnerabilities: 74% of Organizations Report Multiple Breaches

Read more →

Akamai found domain shifts of 50 days from expected dates, suggesting hacker-driven confusion This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: DGA Behavior Shifts Raise Cybersecurity Concerns

Read more →

The exploit code, shared by a researcher on Reddit, demonstrates the issue This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Zero-Day Flaw Exposes Atlas VPN User IPs

Read more →

These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK and US Sanction 11 Russians Tied to…

Read more →

The attackers may have accessed sensitive patient information, such as health insurance and medication details This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary

Read more →

The threat actor used the stolen key to breach 25 organizations, including US government agencies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hacker Steals Microsoft Signing Key, Spies on US Government

Read more →

Progressive Britain wants the party to borrow from US security strategy This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Think Tank Urges Labour to Promote “Securonomics” Agenda

Read more →

Users are first targeted by Facebook adverts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign

Read more →

Statement to Lords heralds delay to on-device message scanning This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Government Backs Down on Anti-Encryption Stance

Read more →

The open source tool will enable cyber teams to consistently test and boost the defenses of ICS environments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MITRE and CISA Release OT Attack Emulation Tool

Read more →

The attack has been carried out using legitimate services and standard software functions, CERT-UA observed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

Read more →

The unpatched bug in PHPFusion could result in the theft of sensitive data, Synopsys researchers warn This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: High-Severity Vulnerability Discovered in Popular CMS

Read more →

The attack has been carried out using legitimate services and standard software functions, CERT-UA observed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russia-Backed APT28 Tried to Attack Ukrainian Critical Power Facility

Read more →

Their global peers feel the opposite, according to Proofpoint study This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Boards Are Growing Less Concerned About Cyber-Risk

Read more →

Secretive group targets specifically Microsoft 365 accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Uncover Underground Phishing “Empire” W3LL

Read more →

Hot wallets were compromised at firm This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto Casino Stake.com Back Online After $40m Heist

Read more →

SAML flaw in enabled rogue customers to access others’ SaaS data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Mend.io SAML Vulnerability Exposed

Read more →

Auditors cited outdated software and unsupported iPhones as key reasons for the failed test This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Electoral Commission Fails Cybersecurity Test Amid Data Breach

Read more →

Group-IB said 2022 saw 30% more loyalty fraud, impacting 75+ airlines and involving 2000 malicious sources This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Airlines Battle Surge in Loyalty Program Fraud

Read more →

Highgate Wood School forced to delay new term for six days This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: More Schools Hit By Cyber-Attacks Before Term Begins

Read more →

Industry veteran Ollie Whitehouse is confirmed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK National Cyber Security Centre Gets a New CTO

Read more →

Non-profit urges all users to reset passwords This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Freecycle Breach May Have Hit Millions of Users

Read more →

ReversingLabs uncovered three additional malevolent packages believed to be part of the campaign This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Python Package Index Targeted Again By VMConnect

Read more →

JPCERT/CC said it can elude detection by embedding a malicious Word file within a PDF document This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Attack Technique “MalDoc in PDF” Alarms Experts

Read more →

According to CloudSEK, the leaked database contains over 320,000 patient records This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Medical Data Breach: Ayush Jharkhand Hacked

Read more →

Zaun, the UK’s only manufacturer of fencing systems, saw its IT systems being compromised in early August This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sensitive Data about UK Military Sites Potentially Leaked by LockBit

Read more →

Blast radius appears limited to international students This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sydney University Suffers Supply Chain Breach

Read more →

The Brittingham Group promised outsized returns to victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four Convicted in $18m Investment Fraud Scheme

Read more →

Separate research warns of widespread email security failings This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Suffolk High School Forced Offline After Cyber-Attack

Read more →

Resecurity explained the “Smishing Triad” campaign exclusively utilizes iMessages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Smishing Triad: China-Based Fraud Network Exposed

Read more →

Cisco Talos said SapphireStealer has evolved significantly, resulting in multiple variants This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Open-Source Malware SapphireStealer Expands

Read more →

Trend Micro noted that “Earth Estries” employed advanced tactics to infiltrate networks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sophisticated Cyber-Espionage Group Earth Estries Exposed

Read more →

Although the patches for these vulnerabilities have already been released, public attacks are still occurring This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches

Read more →

Jamf suggested firms enroll employees in a BYOD or Mobile Device Management (MDM) program This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BYOD Security Gap: Survey Finds 49% of European Firms Unprotected

Read more →

Slashnext unveiled a disturbing arsenal of stealers, cookies and exploits This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Research Exposes Airbnb as Breeding Ground For Cybercrime

Read more →

These groups often sell ads to other cybercriminals, either for a fee or a share of the operations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Facebook Accounts Targeted by Vietnamese Threat Groups

Read more →

Infamous Chisel, which enables unauthorized access to compromised Android devices used by the Ukrainian military, has been linked to Sandworm This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military…

Read more →

The Gamaredon group has ramped up attacks against Ukrainian military entities, with the aim of hindering Ukraine’s counter-offensive operations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-Offensive

Read more →

The vulnerable code was identified by the security research team at PatchStack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Flaw Exposes WP Migration Plugin to Hacks

Read more →

ESET said BadBazaar was available via the Google Play Store, Samsung Galaxy Store and various app sites This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese APT Group GREF Use BadBazaar in Android Espionage

Read more →

The campaign deployed many malware families, including Skipjack, DepthCharge, Foxglove and Foxtrot This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hackers Target US, Other Govts With Barracuda Flaw

Read more →

With Operation Duck Hunt, the FBI took control of the botnet, allowed victims to uninstall the malware loader and seized $8.6m in cryptocurrency This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI-Led Operation Duck Hunt Shuts Down…

Read more →

OpenAI has launched ChatGPT Enterprise highlighting high-profile customers including Klarna, PwC and The Estee Lauder Companies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: OpenAI Promises Enterprise-Grade Security with ChatGPT for Business

Read more →

The UK cyber agency highlights the lack of understanding of LLMs among industry and academia This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Issues Cyber Warning Over AI Chatbots

Read more →

Kaspersky explained that LockBit 3.0, also known as LockBit Black, first emerged in June 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LockBit 3.0 Ransomware Variants Surge Post Builder Leak

Read more →

Sophos X-Ops suspects the involvement of a well-known ransomware threat actor known as STAC4663 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Ransomware Campaign Targets Citrix NetScaler Flaw

Read more →

Delinea’s report shows gap grows as firms struggle for cyber insurance, longer policy wait times This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Report Reveals Growing Disparity in Cyber Insurance Landscape

Read more →

Existing phishing-as-a-service platforms are increasingly incorporating adversary-in-the-middle capabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms

Read more →

ReliaQuest found that 80% of cyber intrusion campaigns used either QakBot, SocGholish or Raspberry Robin This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four in Five Cyber-Attacks Powered by Just Three Malware Loaders

Read more →

Nearly one in three young adults has had their personal information misused This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Privacy Regulator Warns of Surge in “Text Pest” Cases

Read more →

Vulnerability could be exploited to gain elevated privileges This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Discover Reply URL Takeover Issue in Azure

Read more →

Feds warn that patching will not rid system of APT group This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI: Barracuda Appliances Still Being Exploited By China

Read more →

QuiteRAT, the North-Korea-Backed group’s new malware, exploits a 2022 ManageEngine ServiceDesk vulnerability This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Targets Internet Infrastructure and Healthcare with ‘QuiteRAT’ Malware

Read more →

Threat actors use unique infection chains to deploy QakBot malware This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Creative QakBot Attack Tactics Challenge Security Defenses

Read more →

Between Monday and Tuesday, the FBI has traced approximately 1580 stolen Bitcoins This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers

Read more →

The compromised data includes names, usernames, email addresses and internal service-related details This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Data of 2.6 Million Duolingo Users Leaked on Hacking Forum

Read more →

Netenrich suggested LOLKEK, BIT, OBZ, U2K and TZW ransomware strains share significant similarities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Study Sheds Light on Adhubllka Ransomware Network

Read more →

The draft standards are expected to become the global benchmark for quantum-resistant cybersecurity across the world in 2024 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NIST Publishes Draft Post-Quantum Cryptography Standards

Read more →

The data breach is suspected to be linked to the Clop MOVEit hack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sensitive Data of 10 Million at Risk After French Employment Agency Breach

Read more →

Emails use social engineering to con victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sextortion Scams Surge 178% in a Year

Read more →

UK council identified attack on Monday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: St Helens Council Warns of Phishing After Ransomware Breach

Read more →

Arion Kurtaj was deemed not fit to stand trial This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Teens Found Responsible For Lapsus$ Cyber-Attacks

Read more →

A Sophos report finds that attackers are adapting their approaches in the face of improved detection capabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Attack Dwell Times Fall but Threat Actors Are Moving Faster

Read more →

SentinelOne observed that the imitating application targeted users within work environments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: XLoader MacOS Malware Variant Returns With OfficeNote Facade

Read more →

Group-IB said cyber-criminals used the flaw to create archives packaged with DarkMe, GuLoader and Remcos RAT This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: WinRAR Vulnerability Affects Traders Worldwide

Read more →

The Check Point report also highlights an evolution of ransomware tactics This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Artificial Intelligence and USBs Drive 8% Rise in Cyber-Attacks

Read more →

Cybersecurity provider Barracuda used AI-powered account profiling to detect nearly a million cyber incidents in 2023 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Thousands of High-Risk Incidents Neutralized Using AI

Read more →

ITRC data finds 69% have suffered multiple identity crimes This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Doubling of Identity Theft Victims With Suicidal Thoughts

Read more →

Credit reporting firm accused of sending millions of unwanted emails This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experian Pays $650,000 to Settle Spam Claims

Read more →

Researchers find four vulnerabilities in popular model This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TP-Link Smart Bulb Spills Wi-Fi Passwords

Read more →

The research also highlights a shift in hacker tactics toward exploiting network server flaws This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims

Read more →

ESET’s investigation also revealed that certain Spacecolon versions contain Turkish strings This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset

Read more →

DIGIHEALS will call for proposals for technologies originally designed for national security This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US ARPA-H Initiative Counters Healthcare Cyber-Threats

Read more →

NCC Group researchers observed 502 ransomware attacks in July 2023, with a large proportion made up of Clop’s continued exploitation of MOVEit This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Continued MOVEit Exploitation Drives Record Ransomware Attacks

Read more →

Australian utility company Energy One confirmed it had taken steps to limit a cyber-attack affecting its corporate systems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems

Read more →

Legitimate software used to deploy backdoor malware This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New APT Group Launches Supply Chain Campaign

Read more →

Latest vulnerability affects Ivanti Sentry This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ivanti Warns of Critical New Zero-Day Bug

Read more →

Two former employees shared information with German newspaper This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Tesla: Insiders Responsible For Major Data Breach

Read more →

ESET said Facebook promoted the download of what seemed to be Google’s Bard AI tool This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Deceptive AI Bots Spread Malware, Raise Security Concerns

Read more →

Credit unions will be obligated to notify the NCUA about any cyber incident within 72 hours This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New NCUA Rule Requires Swift Cyber Incident Reporting

Read more →

The feature, called the “Safety Check,” is designed to address three specific scenarios This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Chrome Feature Alerts Users About Malicious Extensions

Read more →

An advisory by US intelligence provides guidance for space firms on how to identify an espionage campaign, report and mitigate it This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Space Industry Under Threat from Foreign Cyber…

Read more →

Over 50,000 have already signed up to program This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Government Urges More Students to Be Cyber Explorers

Read more →

Intelligence analyst posed a serious risk to Operation Venetic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Police Insider Tipped Off Criminal Friend About EncroChat Bust

Read more →

Russian gang operates comprehensive set of attack tools This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cuba Ransomware Group Steals Credentials Via Veeam Exploit

Read more →

Cofense said that over 29% of the malicious emails were directed at the energy sector giant This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: QR Code Campaign Targets Major Energy Firm

Read more →

Latest CyCognito report exposes 74% PII vulnerability, prompting urgent data protection This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cybersecurity Study Reveals Web App Vulnerability Crisis

Read more →

The operation identified 20,000 cyber networks associated with financial losses exceeding $40m This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Interpol-Led Africa Cyber Surge II Nets 14 Cybercrime Suspects

Read more →

Experts welcome efforts to safeguard society from emerging technologies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK’s AI Safety Summit Scheduled For Early November

Read more →

Threat actors use several evasion techniques to stay hidden This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Proxyjacking and Cryptomining Campaign Targets GitLab

Read more →

Espionage campaign shares similarities with previous attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hackers Use DLL Hijacking to Target Asian Gamblers

Read more →