Month: May 2024
May 01, 2024NewsroomMalware / Android Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications. “Wpeeper is a typical backdoor…
Read More
‘For us, it’s about being focused on executing where there’s high demand in IT spend. And recovery, resilience, cyber, AI are the areas where companies are still spending, and that’s where we play,’ says Commvault CFO Gary Merrill. Growth in Commvault’s subscription business led to the data protection technology developer’s overall growth for fiscal 2024.…
Read More
A new malware named ‘Cuttlefish’ has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. Lumen Technologies’ Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while…
Read More
Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Qantas is Australia’s flag carrier and the largest airline by fleet size, operating 125 aircraft and serving 104 destinations. Qantas has 23,500 employees and an annual revenue of almost $12.9 billion. Earlier today,…
Read More
Tenable Cloud Security is enhancing its capabilities with malware detection. Combined with its cutting-edge, agentless vulnerability-scanning technology, including its ability to detect anomalous behavior, this new capability makes Tenable Cloud Security a much more complete and effective solution. Read on to find out how. In the ever-evolving landscape of cloud computing, security remains paramount. Even…
Read More
These attacks were primarily leveraged by ransomware and other extortion-related threat actors, and the main entry point was web applications, the report noted. Analyzing the data also reveals a significant area of weakness among many organizations — bad actors are more quickly harnessing vulnerabilities than organizations can patch them. It takes organizations approximately 55 days…
Read MoreAI Voice Scam Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her. Tags: artificial intelligence, scams, social engineering Posted on May 1, 2024 at 7:09 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read More
May 01, 2024NewsroomMalware / Cyber Threat The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed. “The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” Zscaler…
Read More
May 01, 2024The Hacker NewsSecurity Awareness Training There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how…
Read More
Executive Summary The “Security Alert” scam is a prevalent tech-support fraud that threatens both Windows and Apple users. It exploits the trust of users by masquerading as an official support site, using fake pop-up warnings to lure users into dialing scam phone numbers by conveying a sense of urgency. The ultimate goal is gaining remote…
Read More