Your messaging-app account might be of interest to more than just jealous spouses or nosy coworkers. Stolen WhatsApp accounts fuel large-scale criminal activity — ranging from spam distribution to complex scam schemes. That’s why cybercriminals are constantly on the lookout for WhatsApp accounts — using various methods to hijack them. Here are eight signs your account may … [Read more...] about What to do if your WhatsApp is hacked: a step-by-step guide
Security
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Feb 21, 2025Ravie LakshmananData Protection / Encryption Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users' trusted devices … [Read more...] about Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Your Endpoint Is Secure Against AI Supply Chain Attacks
The recent emergence of powerful open-source AI models like DeepSeek has sent many enterprises scrambling to block access per their security policies. While AI teams increasingly turn to open repositories to leverage free and highly capable models like DeepSeek, security teams face mounting pressure to prevent unrestricted downloading of artifacts from untrusted sources. The … [Read more...] about Your Endpoint Is Secure Against AI Supply Chain Attacks
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, … [Read more...] about North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes
Feb 19, 2025Ravie LakshmananMobile Security / Cyber Espionage Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the … [Read more...] about Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes
Solving for Exponential Data Growth in Next-Gen SIEM
Do you ever feel overwhelmed by the number of data sources you manage with your SIEM? How do you piece together different pieces of the puzzle like SOAR, threat intelligence, and security tools for endpoint, cloud, or identity? Do you actually know which tools are strengthening your security posture, and which are just adding more complexity? In this post, we share the … [Read more...] about Solving for Exponential Data Growth in Next-Gen SIEM
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Feb 18, 2025Ravie LakshmananVulnerability / Network Security Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat … [Read more...] about New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Gravy Analytics leak: How to protect your location data
Our smartphones and other devices collect and then transmit massive amounts of data about us to dozens, maybe hundreds, of third-party companies every single day. This includes our location information, and the market for such information is huge. Naturally enough, the buying and selling goes on without our knowledge, creating obscure risks to our privacy. The recent hack of … [Read more...] about Gravy Analytics leak: How to protect your location data
Trojanized game PirateFi discovered on Steam
There are probably no gamers left who don’t know that downloading games from torrent trackers is a risky business. Yes, they come at no cost, cracked and sometimes conveniently repackaged — but they might contain malware. That’s why security solutions throw a fit — quarantining torrent files, preventing the installation of cracks… well, we should be thankful for that! Official … [Read more...] about Trojanized game PirateFi discovered on Steam
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Feb 17, 2025Ravie LakshmananEndpoint Security / Malware Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat … [Read more...] about Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics