Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. “There are indications that the following may be under limited, targeted exploitation,” says Google’s advisory. The CVE-2024-43047 flaw…
The provider of power management technologies confirmed that a developer platform was impacted by ‘unauthorized access.’ Schneider Electric confirmed Monday that a developer platform used by the company was impacted by a “cybersecurity incident” that is now under investigation. According to a BleepingComputer report, a threat actor has claimed, during a conversation with the media…
From elections to ransomware, CISA Director Jen Easterly breaks down the threats to America’s critical infrastructure and what’s being done to stop them, sharing along the way her journey from the real-life battlefield to the frontlines of cybersecurity. A rare glimpse into the most pressing threats America faces—and a compelling story about Director Easterly’s own…
Nov 05, 2024, Ravie Lakshmanan, Mobile Security / Cyber Attack: Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. “ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device…
Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after successful user authentication.…
Nov 05, 2024, Ravie Lakshmanan, Vulnerability / Data Security: Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher…
In a scenario reminiscent of a modern-day Italian Job, hackers have allegedly breached Italy’s national security, exposing confidential data of some of the country’s most prominent political figures. At the heart of the controversy is Nunzio Samuele Calamucci, a 44-year-old IT consultant operating from a modest office near Milan’s iconic Duomo cathedral. Italian prosecutors claim…
Standalone Sellers to Ransomware-as-a-Service: Years ago, ransomware buyers would often purchase ransomware from sellers on underground forums. These standalone sellers usually offered ransomware as a one-time sale, often requiring significant upfront costs. Many sellers were the original developers of the ransomware and provided support, updates, and sometimes decryption tools for a fee. As the demand…
Nov 05, 2024, Ravie Lakshmanan, Data Breach / Cybercrime: Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024,…
Nov 05, 2024, Ravie Lakshmanan, Malware / Blockchain: An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and…