Technology

Nov 20, 2024Ravie LakshmananPayment Security / Cybercrime Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim’s funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple

Apple will ask a federal judge on Wednesday to dismiss the U.S. Department of Justice’s case accusing the iPhone maker of unlawfully dominating the smartphone market, in the latest Big Tech antitrust showdown. US District Judge Julien Neals in Newark, New Jersey, is scheduled to hear arguments from lawyers for Apple, and from prosecutors who say the

Nov 20, 2024Ravie LakshmananZero Day / Vulnerability Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below – CVE-2024-44308 – A vulnerability in JavaScriptCore that could lead to arbitrary code execution

Oppo Reno 13 series is scheduled to launch in China on November 25. In recent weeks, the company has revealed the RAM, storage and colour options of the upcoming smartphones. Ahead of its anticipated debut, Oppo Reno 13, the base variant in the lineup, has been now spotted on a benchmarking platform, along with several

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. “At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers

Valiance Solutions on Tuesday launched CivicEye, an AI-powered surveillance system. The artificial intelligence (AI) and data analytics solution provider says that its system is capable of monitoring various instances of public disturbances and illegal activities such as traffic violations, theft, and unauthorised vendor encroachment. The company says that it is working with local government bodies

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects

Samsung’s long-awaited XR wearable is expected to be ready for its debut sometime next year. The company is yet to reveal many details about its first extended reality (XR) smart glasses, however, new research coming out of China shows that the Korean brand’s upcoming XR device will share some features with Meta’s Ray-Ban smart glasses.

Nov 18, 2024Ravie LakshmananThreat Intelligence / Ransomware Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments

Yahoo Mail is getting a new makeover. Last week, the company announced that it is redesigning the app with a focus on artificial intelligence (AI). It now offers new features such as summarising messages and helping users compose emails as well as letting them sort and categorise their emails. Apart from the AI features, the

Nov 18, 2024Ravie LakshmananVulnerability / Website Security A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site. The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both

Oppo Reno 13 series will launch in China soon. The company has announced the launch date of the lineup in the country. It has also revealed the smartphones’ design, RAM and storage configurations, and a single colourway. The series is expected to comprise a base model and a Pro variant, which will succeed the Oppo Reno

Nov 15, 2024The Hacker NewsWebinar / Cyber Security In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens? Join DigiCert’s exclusive webinar, “When

Meta Platforms Inc. was hit with a €798 million ($841 million or roughly Rs. 7,100 crore) fine by European Union regulators by tying its Facebook Marketplace service to the social network, the US tech giant’s first ever penalty for EU antitrust violations. In a groundbreaking decision, the European Commission ordered Meta to stop tying its classified-ads

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind

Baidu unveiled its Xiaodu AI Glasses in China on Tuesday. The Chinese tech giant introduced the AI-integrated smart glasses in China and it is reportedly equipped with an AI assistant that can perform several tasks for users. The Xiaodu AI Glasses are said to weigh 45g and feature a 16-megapixel ultrawide camera along with a four-microphone

Nov 16, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from

Smartphone shipments in India grew by 5.6 percent year on year (YoY) and the number of handsets shipped in the country rose to 46 million units, according to data from the International Data Corporation’s (IDC). Apple saw its market share rise to 8.6 percent, up from 5.7 percent in Q3 2023. Other smartphone makers that recorded

Nov 15, 2024Ravie LakshmananCyber Espionage / Malware Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the wild since at

Samsung is expected to unveil its Galaxy S25 series in the first half of next year. Several reports have claimed that all models in the Galaxy S25 lineup will pack the new Snapdragon 8 Elite chipset. A new Geekbench listing offers some proof that the leaks could be right. An alleged Korean variant of the vanilla Galaxy S25 has