Technology

Organizations’ cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization’s environment and
0 Comments
Multiple critical security flaws have been disclosed in Samsung’s pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users’ consent and take control of the devices. “The impact of these bugs could have allowed an attacker to access and edit the victim’s contacts, calls, SMS/MMS, install arbitrary apps
0 Comments
Google’s upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. “FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk,” said Eric
0 Comments
The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as “Slilpp” that specialized in trading stolen login credentials as part of an international law enforcement operation. Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown,
0 Comments
OnePlus 8 Series — comprising OnePlus 8 and OnePlus 8 Pro — and OnePlus 8T have started receiving the OxygenOS 11.0.7.7 and OxygenOS 11.0.8.14 updates in India, respectively. While the OnePlus 8 Series will receive the update in India first, followed by Europe and North America, OnePlus 8T will receive OxygenOS 11.0.8.13 update in North
0 Comments
An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in
0 Comments
Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. “In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no
0 Comments
Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim’s web browser to a different TLS service endpoint located on another IP address to steal sensitive information. The attacks have been dubbed ALPACA, short for “Application Layer Protocol Confusion – Analyzing
0 Comments
In a huge sting operation, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) ran an “encrypted chat” service called ANoM for almost 3 years to intercept 27 million messages between criminal gang members globally. Dubbed Operation Ironside (AFP), Operation Greenlight (Europol), and Operation Trojan Shield (FBI), the long-term covert probe into
0 Comments
Security researchers have discovered the first known malware, dubbed “Siloscope,” targeting Windows Server containers to infect Kubernetes clusters in cloud environments. “Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers,” said Unit 42 researcher Daniel Prizmant. “Its main purpose is to open a backdoor into poorly configured Kubernetes clusters in order to run
0 Comments