Tag: network security
Aug 01, 2024Ravie LakshmananData Encryption / Browser Security Google has announced that it’s adding a new layer of protection to its Chrome browser through what’s called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. “On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest from other…
Read MoreAug 01, 2024Ravie LakshmananOnline Fraud / Malvertising Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future’s Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS…
Read MoreCRN looks at new networking products and services that have hit the market in the first half of 2024, including products ranging from Ethernet and PoE extenders, to improved wireless access points, to the latest in AI-focused networking technology. Meeting The Need For New Networking Infrastructure The networking infrastructure market in the U.S. continues to…
Read MoreJul 31, 2024Ravie LakshmananWeb Security / Compliance Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the…
Read MoreJul 31, 2024Ravie LakshmananMalware / Software Development The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea,…
Read MoreWe’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we’re all struggling to keep security teams fully staffed. Given that reality, security teams need to be able…
Read MoreJul 31, 2024Ravie LakshmananCyber Attack / Threat Intelligence Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity…
Read MoreJul 31, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was…
Read MoreJul 31, 2024Ravie LakshmananMobile Security / Malware A new malicious campaign has been observed making use of malicious Android apps to steal users’ SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account…
Read MoreJul 31, 2024Ravie LakshmananPrivacy / Social Media Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the…
Read MoreRecent Posts
- A Vulnerability in Fortinet FortiManager Could Allow for Remote Code Execution
- ServiceNow CEO McDermott: ‘Taking On The World’s Biggest Challenges’ With AI, New Nvidia Pact, More
- SonicWall CEO On ‘Getting Back To Our Roots’, Using AI And Latest Acquisitions
- Windows 11 KB5044380 preview update lets you remap the Copilot key
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA