Tag: cybersecurity news

Google Play Store Highlights ‘Independent Security Review’ Badge for VPN Apps
News

Google Play Store Highlights ‘Independent Security Review’ Badge for VPN Apps

Google is launching a new banner to draw attention to the "Independent security review" label for Android VPN apps that have passed a Mobile Application Security Assessment (MASA) audit in the Play Store's Data safety section. According to Nataliya Stanetsky of the Android Security and Privacy Team, "We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle." A global security standard like the Mobile Application Security Verification Standard (MASVS) can be independently used by developers to validate their apps through MASA, giving users more information and empowering them to make educated read more Google Play Store Highlights Independent Security Review Badge for VPN Apps. Get up to date on the latest cybers...
Mozi malware botnet goes dark after mysterious use of kill-switch
News

Mozi malware botnet goes dark after mysterious use of kill-switch

After an unidentified mysterious entity released a payload on September 27, 2023, deactivating all bots with a kill switch, Mozi virus botnet activities stopped in August. The well-known DDoS (distributed denial of service) malware botnet Mozi first surfaced in 2019 and is mostly focused on Internet of Things (IoT) gadgets including routers, DVRs, and other internet-connected devices. The malware infiltrated devices into its decentralized peer-to-peer network by taking advantage of well-known vulnerabilities or weak default passwords. BitTorrent's DHT (distributed hash table) protocol is used for communication between devices in this network read more Mozi malware botnet goes dark after mysterious use of kill-switch. Get up to date on the latest cybersecurity news and enhance you...
Avast confirms it tagged Google app as malware on Android phones
News

Avast confirms it tagged Google app as malware on Android phones

The Google Android app has been reported as malware by the Czech cybersecurity company Avast's antivirus SDK on Huawei, Vivo, and Honor handsets since Saturday. Users were advised to remove the Google app from their impacted smartphones very away because it may download and install other apps, send SMS messages covertly, or steal their private data. A different message was sent to other users, informing them that the Google app was actually a trojan that might grant hackers direct access to their device, enable the installation of malware, and steal personal data. Users on Huawei's forum, Reddit (Vivo thread), Google's support forum (Vivo post), and several other Android groups noticed the false positive issue read more Avast confirms it tagged Google app as malware on Android ph...
HackerOne paid ethical hackers over $300 million in bug bounties
News

HackerOne paid ethical hackers over $300 million in bug bounties

Since the platform's launch, HackerOne's bug bounty programs have given over $300 million in prizes to vulnerability researchers and ethical hackers. almost $1 million USD has been awarded to thirty hackers for their submissions; one hacker broke the record by earning almost $4 million for bug reports. HackerOne is a bug bounty platform that was established more than ten years ago. It links companies with a community of ethical hackers who find and disclose software flaws in exchange for rewards. In essence, it's a platform for organizing disclosures and hosting bug bounties that enables businesses to handle reports read more HackerOne paid ethical hackers over $300 million in bug bounties. Get up to date on the latest cybersecurity news and enhance your knowledge of cybersec...
Pirate IPTV network in Austria dismantled and $1.74 million seized
News

Pirate IPTV network in Austria dismantled and $1.74 million seized

Twenty persons have been detained by Austrian police nationwide in connection with an illicit IPTV network that, between 2016 and 2023, redistributed thousands of subscribers' copyright-protected broadcasts by decrypting them. Following the filing of a complaint in Germany, an investigation into the illicit network was launched. This investigation resulted in the identification of a criminal enterprise comprising 80 Turkish people who were the culprits. A hierarchy of suppliers and resellers, who purchased access to the signal for as much as $50 annually and resold it to end users for as much as $200 annually, comprised the piracy ring. Suppliers decrypted and delivered TV signals. consumers were mainly contacted by "word of mouth," despite a brief promotion of the business throu...
North Korean Lazarus Group Targets Software Vendor Using Known Flaws
News

North Korean Lazarus Group Targets Software Vendor Using Known Flaws

A recent effort in which an unidentified software provider was hacked by taking use of known security holes in another well-known program has been linked to the North Korea-aligned Lazarus Group. According to Kaspersky, the assault sequences resulted in the threat actor using malware families including SIGNBT and LPEClient, a well-known hacking tool, for victim profiling and payload distribution. Security researcher Seongsu Park stated, "The adversary demonstrated a high level of sophistication, employing sophisticated evasion techniques and introducing SIGNBT malware for victim control." The attack was carried out by the SIGNBT malware, which used advanced techniques and a varied infection chain read more North Korean Lazarus Group Targets Software Vendor Using Known Flaws. Get ...
France says Russian state hackers breached numerous critical networks
News

France says Russian state hackers breached numerous critical networks

Since the second part of 2021, the Russian hacking group APT28 (also known as "Strontium" or "Fancy Bear") has been focusing on French government agencies, corporations, academic institutions, research centers, and think tanks. The attack group was recently connected to the exploitation of two vulnerabilities: CVE-2023-23397, a zero-day privilege elevation weakness in Microsoft Outlook, and CVE-2023-38831, a remote code execution vulnerability in WinRAR. The threat group is thought to be a part of Russia's military intelligence service GRU. Russian hackers are no longer using backdoors to avoid detection; instead, they are infiltrating peripheral devices on vital networks belonging to French organizations read more France says Russian state hackers breached numerous critical network...
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
News

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

The widely distributed threat actor known as Scattered Spider has been seen posing as recently employed staff members in certain companies as a ruse to fit in with regular on-hire procedures, hijack accounts, and compromise establishments worldwide. The financially driven hacking group's activities were made public by Microsoft, which called the adversary "one of the most dangerous financial criminal groups," highlighting its ability to operate with ease and incorporate help desk fraud, SIM swapping, and SMS phishing into its attack model. The organization described Octo Tempest as a group of natural English-speaking threat actors with financial motivations. They are well-known for initiating extensive campaigns that heavily emphasize social engineering, adversary-in-the-middle (AiT...
Cyberattack on health services provider impacts 5 Canadian hospitals
News

Cyberattack on health services provider impacts 5 Canadian hospitals

Appointments have had to be rescheduled and patient care has been affected in five hospitals in Ontario, Canada as a result of a cyberattack on shared service provider TransForm. Five hospitals in Erie St. Clair, Ontario, formed TransForm, a not-for-profit shared services organization, to handle their accounts payable, supply chain, and IT.The service provider said in a statement yesterday that a cyberattack is causing an outage in their IT systems. Patients who have appointments in the next few days may need to reschedule at a later time, according to a news statement from TransForm. As of right now, the organization claims to be looking into the origin and extent of the problem and has not yet established read more Cyberattack on health services provider impacts 5 Canadian hospita...
34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams
News

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

34 people have been arrested by Spanish law enforcement for their involvement in a series of online frauds that brought in approximately €3 million ($3.2 million) for the gang. Authorities carried out searches in sixteen sites, including Madrid, Malaga, Huelva, Alicante, and Murcia. They found two dummy guns, a baseball bat, a katana sword, €80,000 in cash, four upscale cars, and thousands of euros' worth of computer and electrical equipment. A database containing cross-referenced data on four million individuals was also discovered during the investigation. This database was compiled following an intrusion into financial and credit institution databases read more 34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams. Stay informed with the best cybersecurity ...