Tag: cybersecurity news

Google Launches Privacy Sandbox Beta on Android 13 Devices
News

Google Launches Privacy Sandbox Beta on Android 13 Devices

The beta for Google's Privacy Sandbox features has begun to go out to a select group of Android 13 devices. The Privacy Sandbox is a program that was first introduced in 2020 with the intention of limiting user data sharing in digital advertising and the effects of cross-app identifiers. Google stated in a blog post on Tuesday that it had "closely collaborated with the industry over the past year to gather feedback and start testing these new capabilities." "We're starting the next stage of our project today by making the Android Privacy Sandbox's first Beta available to devices that qualify read the complete article Google Launches Privacy Sandbox Beta on Android 13 Devices. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybers...
Lokibot AgentTesla Grow in January 2023’s Most Wanted Malware List
Risk, Security

Lokibot AgentTesla Grow in January 2023’s Most Wanted Malware List

According to Check Point's Global Threat Index report for January 2023, AgentTesla is back in the top three spots on the list of the Most Wanted Malware for January 2023 after falling to ninth place in December 2022. The Lokibot info stealer has also advanced significantly, moving up the ranking from not even making the top 10 to second. Furthermore, the data-stealer Vidar, which was seen spreading through phony domains purporting to be connected with remote desktop software provider AnyDesk, has re-entered the top 10 list following an upsurge in incidents of "brandjacking." To drive users to a single IP address posing as the legitimate AnyDesk website, the malware employed URL jacking for a number of well-known applications Check Point read more Lokibot AgentTesla Grow in January ...
Cybersecurity Experts Warn Against Valentine’s Day Scams
Risk, Security

Cybersecurity Experts Warn Against Valentine’s Day Scams

Many US government organizations and nonprofits have issued warnings to people about Valentine's Day-related romance scams. Over the past week, the Federal Bureau of Investigation (FBI) has warned residents of Texas and New Mexico about these crime attempts in two different statements. When compared to other online crimes, romantic scams have resulted in some of the largest financial losses, according to the Bureau's Internet Crime Complaint Center (IC3). Online romance scam victim losses nationwide in 2021 were estimated to be $5.9 billion. According to the special agent in charge of the FBI El Paso Field Office Jeffrey R. Downey read more Cybersecurity Experts Warn Against Valentine's Day Scams. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyb...
NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
Risk, Security

NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

The Ascon family of authenticated encryption and hashing algorithms, which are intended for use in lightweight cryptographic applications, will be standardised, according to the U.S. National Institute of Standards and Technology (NIST). According to NIST, "the selected algorithms are meant to safeguard information created and transmitted by the Internet of Things (IoT), including its numerous small sensors and actuators." They are made for other tiny technologies as well, like medical implants, stress detectors for roads and bridges, and car keyless entry fobs. In other words, the goal is to use lightweight cryptography for security measures in systems read the complete article NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices. Stay informed ...
Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm
Risk, Security

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

With a flawed encryption method that allowed for reverse engineering, the first-ever Linux form of the Clop ransomware has been found in the public. In a report shared with The Hacker News, SentinelOne researcher Antonis Terefos stated that "the ELF executable features a faulty encryption scheme making it easy to decode encrypted files without paying the ransom." The cybersecurity company, which has released a decryptor, reported observing the ELF version on December 26, 2022, and also noted that it is comparable to the Windows flavour in that it uses the same encryption technique. The discovered sample is reportedly part of a broader attack against Colombian educational institutions read the complete article Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Al...
Black Basta Deploys PlugX Malware in USB Devices With New Technique
Risk, Security

Black Basta Deploys PlugX Malware in USB Devices With New Technique

An investigation into the deployment of a new PlugX malware variant that may automatically infect any attached removable USB media devices has identified the use of the Black Basta ransomware threat. The new PlugX variation is "wormable," according to Palo Alto Networks Unit 42, and it may infect USB devices in such a way as to disguise itself from the Windows Operating File System. This information was first shared with Infosecurity earlier today. According to a Unit 42 advisory regarding the new threat, "This PlugX virus also hides attacker files in a USB drive with a novel approach, making the harmful files only readable on a *nix OS or by mounting the USB device in a forensic tool." The PlugX malware can continue to proliferate read the complete article Black Basta Deploys Pl...
Microsoft Urges Customers to Secure On Premises Exchange Servers
Risk, Security

Microsoft Urges Customers to Secure On Premises Exchange Servers

Microsoft advises users to maintain their Exchange servers up to date as well as take precautions such as turning on Windows Extended Protection and setting up the certificate-based signing of PowerShell serialization payloads. The software giant's Exchange Team stated in a post that attackers attempting to target unpatched Exchange servers would not stop. The value of unpatched on-premises Exchange infrastructure to hostile actors attempting to steal data or carry out other wrongdoing is too great. Microsoft also noted that the mitigations it has released are only a temporary fix and may "become insufficient to guard against all permutations of an attack," requiring users to apply the required security updates in order to secure the servers read the complete article Microsoft Urges...