π¦Ώ Cybercriminals Deploy New Malware to Steal Data via Androidβs Near Field Communication (NFC) π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Cybercriminals Deploy New Malware to Steal Data via Androidβs Near Field Communication (NFC)
Malware called NGate allows criminals to steal near field communication data from Android phones. The data is sent to the fraudsters before being used to steal cash.
π΅οΈββοΈ Constantly Evolving MoonPeak RAT Linked to North Korean Spying π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Constantly Evolving MoonPeak RAT Linked to North Korean Spying
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.
π΅οΈββοΈ NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The release of new NIST quantumproof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams
The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.
π΅οΈββοΈ Patch Now: Second SolarWinds Critical Bug in Web Help Desk π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The disclosure of CVE202428987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' lessoftendiscussed IT help desk software.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Patch Now: Second SolarWinds Critical Bug in Web Help Desk
The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.
π΅οΈββοΈ Liverpool Fans Take English Premier League Title for Ticket Scams π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Ticket scams are costing football fans close to 200 a season, on average, according to a report.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Liverpool Fans Take English Premier League Title for Ticket Scams
Ticket scams are costing football fans close to Β£200 a season, on average, according to a report.
π΅οΈββοΈ C-Suite Involvement in Cybersecurity Is Little More Than Lip Service π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
C-Suite Involvement in Cybersecurity Is Little More Than Lip Service
Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity.
π΅οΈββοΈ NFC Traffic Stealer Targets Android Users & Their Banking Info π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware builds on a nearfield communication tool in combination with phishing and social engineering to steal cash.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
NFC Traffic Stealer Targets Android Users & Their Banking Info
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
π΅οΈββοΈ NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The guidance is part of a coordinated, global effort to eradicate livingofftheland techniques used against critical infrastructure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents
The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.
π PWA phishing on Android and iOS β Week in security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
PWA phishing on Android and iOS β Week in security with Tony Anscombe
ESET researchers have recently revealed an uncommon type of phishing campaign using Progressive Web Apps (PWAs) that targeted the clients of a prominent Czech bank.
ποΈ CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The mediumseverity vulnerability, tracked as CVE202439717 CVSS score 6.6, is case of file upload bug impacting the "Change Favicon" feature that could allow a threat actor to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian statesponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team. "This advanced threat, active since 2022, hides.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π3
π΅οΈββοΈ India's Critical Infrastructure Suffers Spike in Cyberattacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India RBI warning banks to double down on cybersecurity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
India's Critical Infrastructure Suffers Spike in Cyberattacks
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.
ποΈ Critical Flaws in Traccar GPS System Expose Users to Remote Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Two security vulnerabilities have been disclosed in the opensource Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attackercontrolled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware "has.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zeroday exploit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zero-day exploit
π1π₯1π€1
π΅οΈββοΈ Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.
π¦Ώ CyberGhost vs NordVPN (2024): Which VPN Should You Choose? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
While CyberGhost VPNs optimized servers bring a lot of value, NordVPNs more consistent speed performance and extensive feature inclusions give it the slight edge.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
CyberGhost vs NordVPN (2024): Which VPN Should You Choose?
While CyberGhost VPNβs optimized servers bring a lot of value, NordVPNβs more consistent speed performance and extensive feature inclusions give it the slight edge.
β€1
π Faraday 5.6.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π1
ποΈ Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity