Technology

Jan 26, 2023Ravie LakshmananThreat Analysis Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. “Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs,” the company’s Threat Analysis Group (TAG) said in

Google is reportedly working on the ability to set up an Android phone via the company’s Fast Pair feature. The capability could reportedly debut on a smartphone with the Samsung Galaxy S23 series that is expected to be unveiled by the South Korean conglomerate at its Galaxy Unpacked 2023 event on February 1. The upcoming

Jan 26, 2023Ravie LakshmananEncryption / Ransomware The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. “Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals,” Europol

Pune-based developer SuperGaming has dropped the gameplay trailer for its upcoming battle-royale title Indus, right in time for Republic Day. Pre-registrations are now live on Android, with signups on iOS and iPadOS to “follow soon.” The timing couldn’t be more appropriate since the company wears its “Made-in-India” tag with pride, incorporating a touch of Indian

Jan 26, 2023Ravie LakshmananCyber Threat / Phishing At least two federal agencies in the U.S. fell victim to a “widespread cyber campaign” that involved the use of legitimate remote monitoring and management (RMM) software to perpetuate a phishing scam. “Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate RMM software

Poco X5 series has been expected for a long time in India since the company’s India head teased the same in December last year. The Poco X5 series, expected to offer vanilla and Pro models, has been previously spotted on several certification websites, including the Bureau of Indian Standards (BIS) database, confirming its impending India

Jan 25, 2023Ravie LakshmananWebsite Security / WordPress A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that’s been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named “track[.]violetlovelines[.]com” that’s designed to redirect

Google said on Wednesday it will allow device makers in India to license its individual apps for pre-installation and give an option to users to choose their default search engine, announcing sweeping changes to how its Android system operates. The move comes after the country’s Supreme Court upheld stringent antitrust directives last week, rejecting a

Jan 24, 2023Ravie LakshmananCryptocurrency / Cyber Crime The U.S. Federal Bureau of Investigation (FBI) on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38 (aka BlueNoroff,

Oppo Reno 8T 4G variant’s key specifications, features, design, pricing, and launch timeline in markets including Europe, India, and Indonesia have been tipped. According to a report by Appauls, the Oppo Reno 8T could be powered by MediaTek Helio G99 SoC and sport a 6.43-inch full-HD+ AMOLED display offering 90Hz refresh rate, 120Hz touch sampling

Jan 24, 2023Ravie LakshmananCyber Espionage / Golang Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past security layers. “The attacks are characterized by the use of the little known open source SparkRAT and malware that attempts to evade detection through Golang source code

Samsung Galaxy S23 series, expected to launch during the upcoming Galaxy Unpacked event on February 1, is highly anticipated and has been subject to a series of leaks and rumours over the past few months. The upcoming lineup is said to comprise the base Samsung Galaxy S23, Galaxy S23+, and Galaxy S23 Ultra models. For

Jan 23, 2023The Hacker NewsSaaS Security / SSPM Solution The move to SaaS and other cloud tools has put an emphasis on Identity & Access Management (IAM). After all, user identity is one of the only barriers standing between sensitive corporate data and any unauthorized access. The tools used to define IAM make up its

Samsung has released a Galaxy Store app update to fix vulnerabilities that could potentially allow malicious sources to install apps without a user’s permission. Two vulnerabilities were reportedly detected on the Galaxy Store by a research team. These vulnerabilities have only been affecting handsets running Android 12 or lower. Android 13 users are not affected

Jan 23, 2023Ravie LakshmananMobile Hacking / App Security Two security flaws have been disclosed in Samsung’s Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. The issues, tracked as CVE-2023-21433 and CVE-2023-21434, were discovered by

Google Pixel 7 users have seemingly started receiving dual eSIM support with the Android 13 QPR2 Beta 2 update. The Pixel smartphones have supported the use of a single eSIM along with a physical SIM card for a while. This new update is said to allow users to ditch their physical SIM cards and have

An organization’s sensitive information is under constant threat. Identifying those security risks is critical to protecting that information. But some risks are bigger than others. Some mitigation options are more expensive than others. How do you make the right decision? Adopting a formal risk assessment process gives you the information you need to set priorities.

OnePlus, Realme, and Oppo devices running on Android 12 or higher will now be able to record calls without an on-call voice disclaimer through a downloadable dialer app called ODialer. The app, developed by Oppo’s ColorOS and released on January 16, is currently available on Google Play Store only to users of the aforementioned smartphone

Jan 19, 2023Ravie LakshmananThreat Intelligence / Malware Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious

Samsung Galaxy A34 5G has reportedly surfaced on the US Federal Communications Commission (FCC) website with the model number SM-A346M. It has appeared on the US regulator’s website shortly after its arrival on the Bureau of Indian Standards (BIS) certification site. The listing hints at an imminent global launch for the Samsung Galaxy A34 5G,

Jan 20, 2023Ravie LakshmananFirewall / Network Security A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred as early as October