Technology

Jan 13, 2023Ravie LakshmananVPN / Surveillanceware Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022. It uses “components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized

Google on Friday hit out at the competition regulator for slapping penalties for alleged abuse of its dominant position, saying the orders strike a blow at the effort to accelerate digital adoption in India and will lead to higher prices. Failing to secure an interim relief on more than Rs. 2,200 crore fine imposed by

Jan 13, 2023Ravie LakshmananCyber Threat / Malware Detection Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. “Attackers now use the polyglot technique to confuse security

Honor Magic 5 has reportedly been spotted on China’s Ministry of Industry and Information Technology (MIIT) certification website. The listing suggests that the upcoming Honor Magic 5 series of smartphones could make its way to consumers soon. It also appears to suggest some key specifications of the Honor Magic 5, which is tipped to debut

Jan 12, 2023Ravie LakshmananActive Directory / Malware A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access. “Throughout the attack, the attacker followed a routine of recon commands, credential theft, lateral movement by abusing Windows protocols, and executing

iQoo 11 5G is now on sale in India exclusively for Amazon Prime members. The new iQoo smartphone powered by Qualcomm’s latest Snapdragon 8 Gen 2 SoC will be available for all buyers starting Friday, January 13 at 12pm IST. The handset launched earlier this week in two colour options. The iQoo 11 5G features

Jan 12, 2023Ravie LakshmananBrowser Security / Data Safety Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. “The issue arose from the way the browser interacted with symlinks when processing files and directories,” Imperva researcher Ron

Amazon Great Republic Day sale 2023 dates have been announced. The online marketplace will run its special discount sale from January 15 to January 20 this year. Amazon Prime members will get early access to the sale. Amazon’s Great Republic Day sale promises discounts on smartphones, accessories, laptops, Amazon devices, and other electronics. Amazon has

Jan 11, 2023Ravie LakshmananCyber Threat / Malware A new analysis of Raspberry Robin’s attack infrastructure has revealed that it’s possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin (aka QNAP worm), attributed to a threat actor dubbed DEV-0856, is malware that

Xiaomi has reportedly begun sending out invites to media professionals for its Mobile World Congress (MWC) event scheduled to be held in Barcelona from February 27 until March 2 this year. Much has been speculated about what the Chinese electronics and smartphone manufacturer has in store for the MWC 2023 event. However, the media invites

Jan 11, 2023The Hacker NewsInformation Security / Jobs Are you looking to take your career in the information security industry to the next level? Look no further than the 2023 Certified Technology Professional Bundle! This unparalleled offer grants you lifetime access to nine comprehensive courses in information security, hacking, and cybersecurity at a remarkable price

Nothing Phone 1 is reportedly available in the US, but only as part of a “beta membership.” Customers in the United States can purchase the “Nothing OS 1.5 Beta Membership,” which allows them to test out the Nothing Phone 1 with Android 13 in the country. Participation in the programme costs $299 (roughly Rs. 24,400)

Jan 10, 2023Ravie LakshmananAdvanced Persistent Threat The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. “A copycat website, mimicking the Shagle service, is used to distribute StrongPity’s mobile backdoor app,” ESET

Samsung is reportedly gearing up to launch the Galaxy S23 series. The South Korean tech giant is expected to host a Galaxy Unpacked event on February 1 for this purpose. A reliable tipster has suggested that Samsung could also unveil its new dedicated chips for Galaxy devices at this event. Past rumours have indicated that

Jan 10, 2023Ravie LakshmananSoftware Security / Supply Chain A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. “By exploiting this vulnerability, attackers could achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON

Redmi 12C was launched as a low-cost smartphone in China late last year. According to a new report, the phone will be available in India next month. The Indian unit should have the same design and specifications as the Chinese variant. The Redmi 12C is expected to be released in India before the MWC 2023

Jan 09, 2023Ravie LakshmananKubernetes / Cryptojacking The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security researcher at Microsoft Defender for Cloud, said in a report

Oppo A56s 5G was launched in China as the company’s latest model in its A series portfolio. The latest offering from Oppo seems to be an upgraded version of Oppo A56 5G that was launched in October 2021. The new Oppo A56s sports a 90Hz display and is powered by an octa-core MediaTek Dimensity 810

Jan 09, 2023The Hacker NewsSaaS Security / SSPM Solution Earlier this year, threat actors infiltrated Mailchimp, the popular SaaS email marketing platform. They viewed over 300 Mailchimp customer accounts and exported audience data from 102 of them. The breach was preceded by a successful phishing attempt and led to malicious attacks against Mailchimp’s customers’ end

Samsung is preparing to launch new Galaxy A series smartphones in India. The company has not officially confirmed the actual names of the upcoming smartphones, but one of them is expected to be the Galaxy A14 5G, which was recently released in the US and Europe. An unconfirmed promotional image of the India-specific variant recently