A threat actor, likely Chinese in origin, is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021. The espionage operation — codenamed "EmailThief" — was detailed by cybersecurity company Volexity in a technical report published Thursday, noting that successful … [Read more...] about Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users
Users
Facebook Launches ‘Privacy Center’ to Educate Users on Data Collection and Privacy Options
Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps. "Privacy Center provides helpful information about five common privacy topics: sharing, security, data … [Read more...] about Facebook Launches ‘Privacy Center’ to Educate Users on Data Collection and Privacy Options
Facebook Bans 7 ‘Cyber Mercenary’ Companies for Spying on 50,000 Users
Meta Platforms on Thursday revealed it took steps to deplatform seven cyber mercenaries that it said carried out "indiscriminate" targeting of journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists located in over 100 countries, amid mounting scrutiny of surveillance technologies. To that end, the company said it alerted … [Read more...] about Facebook Bans 7 ‘Cyber Mercenary’ Companies for Spying on 50,000 Users
Malicious KMSPico Windows Activator Stealing Users’ Cryptocurrency Wallets
Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. The malware, dubbed "CryptBot," is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit … [Read more...] about Malicious KMSPico Windows Activator Stealing Users’ Cryptocurrency Wallets
Phishing attacks on users of streaming services
Movies and TV shows have been a huge source of comfort for many in these COVID times, and the number of new shows on Netflix, Amazon Prime, and the like has skyrocketed. But when searching for the latest megahit, don’t neglect basic security measures or you might find that someone else is enjoying it at your expense — or worse, that the money in your bank account has … [Read more...] about Phishing attacks on users of streaming services
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat … [Read more...] about Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
How phishers trick LinkedIn users
Have you disabled annoying e-mail notifications from social networks? We think that’s great! We even periodically offer advice on how to cut down on digital noise. But LinkedIn is a special case. People really do expect messages from the social network for professionals — one could be from a prospective employer or business partner, after all. But a message from LinkedIn might … [Read more...] about How phishers trick LinkedIn users
Protecting Users from Malicious Sites with Falcon for Mobile
Introduction Today, mobile devices are ubiquitous within enterprise environments. But with their proliferation, it provides adversaries with yet another attack surface with which they can target users and cause a breach. From phishing attacks to malicious apps, mobile users tend to let their guard down and potentially click on obfuscated links to malicious sites. Falcon for … [Read more...] about Protecting Users from Malicious Sites with Falcon for Mobile
Over 10 Million Android Users Targeted With Premium SMS Scam Apps
A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed "UltimaSMS" — is believed to commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, … [Read more...] about Over 10 Million Android Users Targeted With Premium SMS Scam Apps
Chinese Hackers Used a New Rootkit to Spy on Targeted Windows 10 Users
A formerly unknown Chinese-speaking threat actor has been linked to a long-standing evasive operation aimed at South East Asian targets as far back as July 2020 to deploy a kernel-mode rootkit on compromised Windows systems. Attacks mounted by the hacking group, dubbed GhostEmperor by Kaspersky, are also said to have used a "sophisticated multi-stage malware framework" that … [Read more...] about Chinese Hackers Used a New Rootkit to Spy on Targeted Windows 10 Users