Sep 24, 2024Ravie LakshmananMobile Security / Malware Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They … [Read more...] about Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
popular
Defending against popular cyberattack techniques in 2024
Recent reports by Kaspersky experts on the statistics of Managed Detection and Response (MDR) and Incident Response (IR) services for 2023 reveal that most observed cyberattacks employ a handful of techniques that are repeated time and again. These techniques are seen both in attacks that are fully executed and cause damage, as well as in incidents that are stopped in their … [Read more...] about Defending against popular cyberattack techniques in 2024
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
May 02, 2024NewsroomVulnerability / Android Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of this vulnerability pattern include arbitrary code execution and token … [Read more...] about Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Exploring 11 popular machine learning algorithms
Over the past few years, machine learning (ML) has quietly become an integral part of our daily lives. It impacts everything from personalized recommendations on shopping and streaming sites to protecting our inboxes from the onslaught of spam we get every day. But it’s not purely a tool for our convenience. Machine learning has become crucial in the current tech landscape, and … [Read more...] about Exploring 11 popular machine learning algorithms
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The impacted version in … [Read more...] about Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
Jan 22, 2024NewsroomBrowser Security / Cyber Threat Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts. The malware, named NS-STEALER, is propagated via ZIP archives masquerading as cracked software, Trellix security researcher Gurumoorthi Ramanathan said in … [Read more...] about NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once … [Read more...] about Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Aug 10, 2023THNPrivacy / Encryption A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent's Sogou Input … [Read more...] about Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
May 30, 2023Ravie LakshmananMobile Security / Android A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGOT, and Premium versions of … [Read more...] about Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
May 17, 2023Ravie LakshmananInternet of Things / Vulnerability The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by … [Read more...] about Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs