Jul 16, 2024NewsroomMobile Security / Online Security Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a … [Read more...] about ‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
software vulnerability
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the … [Read more...] about GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, … [Read more...] about AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Jul 12, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic … [Read more...] about DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Australian Defence Force Private and Husband Charged with Espionage for Russia
Jul 12, 2024NewsroomCyber Crime / Online Safety Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a "complex" law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. Media … [Read more...] about Australian Defence Force Private and Husband Charged with Espionage for Russia
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Jul 11, 2024NewsroomVulnerability / Enterprise Security Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration … [Read more...] about Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
New Ransomware Group Exploiting Veeam Backup Software Vulnerability
Jul 10, 2024NewsroomData Breach / Malware A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry … [Read more...] about New Ransomware Group Exploiting Veeam Backup Software Vulnerability
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Jul 09, 2024NewsroomVulnerability / Network Security Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request … [Read more...] about RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
New APT Group “CloudSorcerer” Targets Russian Government Entities
Jul 08, 2024NewsroomCyber Espionage / Cloud Security A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the … [Read more...] about New APT Group “CloudSorcerer” Targets Russian Government Entities
Learn How ITDR Solutions Stop Sophisticated Identity Attacks
Jul 05, 2024The Hacker NewsCybersecurity / Identity Protection Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high: ransomware attacks, lateral movement, and devastating data breaches. Don't be caught off guard. Join us … [Read more...] about Learn How ITDR Solutions Stop Sophisticated Identity Attacks