Apr 10, 2024NewsroomMobile Security / Spyware An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor … [Read more...] about ‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan
10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet
Apr 09, 2024NewsroomBotnet / Crypto Mining A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain, Sysdig said in a report shared with … [Read more...] about 10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet
Google Chrome Adds V8 Sandbox
Apr 08, 2024NewsroomSoftware Security / Cybersecurity Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 … [Read more...] about Google Chrome Adds V8 Sandbox
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code … [Read more...] about Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
Apr 05, 2024NewsroomArtificial Intelligence / Supply Chain Attack New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous … [Read more...] about AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
CISO Perspectives on Complying with Cybersecurity Regulations
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and … [Read more...] about CISO Perspectives on Complying with Cybersecurity Regulations
Vietnam-Based Hackers Steal Financial Data Across Asia with Malware
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, … [Read more...] about Vietnam-Based Hackers Steal Financial Data Across Asia with Malware
Hackers disrupt Apex Legends esports tournament
The esports industry is booming: prize pools for top tournaments have long surpassed $10 million, with peak online viewership exceeding one million. This naturally attracts hackers, who typically either steal game source-code or target individual gamers. Recently, cyberattacks have gone beyond the pale: hackers disrupted a major Apex Legends tournament. This post explores why … [Read more...] about Hackers disrupt Apex Legends esports tournament
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
Apr 03, 2024NewsroomData Breach / Incident Response The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year. The findings, released by the Department of Homeland Security (DHS) on Tuesday, … [Read more...] about U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Apr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when … [Read more...] about Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution