π Qilin Caught Red-Handed Stealing Credentials in Google Chrome π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Browser credential harvesting is an unusual activity for a ransomware group.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Qilin Caught Red-Handed Stealing Credentials in Google Chrome
Browser credential harvesting is an unusual activity for a ransomware group
π YouTube Launches AI Tool to Recover Hacked Accounts π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
YouTubes new AI troubleshooting tool is designed to help users recover and secure their accounts after theyve been hacked.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
YouTube Launches AI Tool to Recover Hacked Accounts
YouTubeβs new AI troubleshooting tool is designed to help users recover and secure their accounts after theyβve been hacked
π Liverpool Fans Lose Big in Premier League Ticket Scams π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Liverpool fans were the most frequent and highestvalue targets for ticket scams last season, losing over 17,000 to fraudsters.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Liverpool Fans Lose Big in Premier League Ticket Scams
Liverpool fans were the most frequent and highest-value targets for ticket scams last season, losing over Β£17,000 to fraudsters
π¦Ώ Cybercriminals Deploy New Malware to Steal Data via Androidβs Near Field Communication (NFC) π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Cybercriminals Deploy New Malware to Steal Data via Androidβs Near Field Communication (NFC)
Malware called NGate allows criminals to steal near field communication data from Android phones. The data is sent to the fraudsters before being used to steal cash.
π΅οΈββοΈ Constantly Evolving MoonPeak RAT Linked to North Korean Spying π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Constantly Evolving MoonPeak RAT Linked to North Korean Spying
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.
π΅οΈββοΈ NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The release of new NIST quantumproof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams
The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.
π΅οΈββοΈ Patch Now: Second SolarWinds Critical Bug in Web Help Desk π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The disclosure of CVE202428987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' lessoftendiscussed IT help desk software.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Patch Now: Second SolarWinds Critical Bug in Web Help Desk
The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.
π΅οΈββοΈ Liverpool Fans Take English Premier League Title for Ticket Scams π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Ticket scams are costing football fans close to 200 a season, on average, according to a report.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Liverpool Fans Take English Premier League Title for Ticket Scams
Ticket scams are costing football fans close to Β£200 a season, on average, according to a report.
π΅οΈββοΈ C-Suite Involvement in Cybersecurity Is Little More Than Lip Service π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
C-Suite Involvement in Cybersecurity Is Little More Than Lip Service
Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.
π΅οΈββοΈ NFC Traffic Stealer Targets Android Users & Their Banking Info π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware builds on a nearfield communication tool in combination with phishing and social engineering to steal cash.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
NFC Traffic Stealer Targets Android Users & Their Banking Info
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
π΅οΈββοΈ NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The guidance is part of a coordinated, global effort to eradicate livingofftheland techniques used against critical infrastructure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents
The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.
π PWA phishing on Android and iOS β Week in security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
PWA phishing on Android and iOS β Week in security with Tony Anscombe
ESET researchers have recently revealed an uncommon type of phishing campaign using Progressive Web Apps (PWAs) that targeted the clients of a prominent Czech bank.
ποΈ CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The mediumseverity vulnerability, tracked as CVE202439717 CVSS score 6.6, is case of file upload bug impacting the "Change Favicon" feature that could allow a threat actor to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian statesponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team. "This advanced threat, active since 2022, hides.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π3
π΅οΈββοΈ India's Critical Infrastructure Suffers Spike in Cyberattacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India RBI warning banks to double down on cybersecurity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
India's Critical Infrastructure Suffers Spike in Cyberattacks
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.
ποΈ Critical Flaws in Traccar GPS System Expose Users to Remote Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Two security vulnerabilities have been disclosed in the opensource Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attackercontrolled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware "has.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zeroday exploit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zero-day exploit
π1π₯1π€1
π΅οΈββοΈ Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.