Technology

Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said. Targets of the emerging

Huawei Watch GT 5 Pro was unveiled at the company’s MatePad series tablet launch event in Barcelona on Thursday. The latest wearable comes in 46mm and 42mm size options featuring a titanium alloy and a ceramic body, respectively. The Huawei Watch GT 5 Pro has an IP69K certification. It boasts an AMOLED screen and offers more

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen’s Black Lotus Labs, is believed to have been operational since at

iOS 18 was released on Monday for eligible iPhone models, bringing with it support for rich communication services (or RCS) on supported network providers. Messages sent between iOS and Android users will soon be upgraded with support for features found on third-party messaging apps including typing indicators, read receipts and higher quality media attachments. Meanwhile,

A Chinese national has been indicted in the U.S. on charges of conducting a “multi-year” spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies. Song Wu, 39, has been charged with 14 counts of wire fraud and 14

Samsung Galaxy M55s will be launched in India soon, according to the company. The South Korean firm’s upcoming Galaxy M series smartphone will be available in two colour options and feature a 6.7-inch display with a 120Hz refresh rate. The handset will be equipped with a 50-megapixel primary rear camera along with a selfie camera

Sep 17, 2024Ravie LakshmananSpyware / Privacy The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and distribution of a commercial spyware called Predator. “The United States will not tolerate the reckless propagation of disruptive technologies that

Flipkart Big Billion Days Sale 2024, the Indian e-commerce player’s annual sale to mark the start of the festive period, is slated to start on September 27 for all users. Flipkart Plus members will get early access to the sale 24 hours prior on September 26. During the sale, users will see discounts on a

Sep 17, 2024Ravie LakshmananBrowser Security / Quantum Computing Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum computers (CRQCs). “Chrome will offer a key share prediction for hybrid ML-KEM (codepoint 0x11EC),”

Nothing is set to launch a new product later this month, the company announced on Tuesday. Over the past few weeks, the company has been teasing the arrival of a new product, without actually revealing any relevant information including what type of device will be launched or any of its specifications. The latest teaser posted

Sep 16, 2024Ravie LakshmananFinancial Security / Malware Cybersecurity researchers are continuing to warn about North Korean threat actors’ attempts to target prospective victims on LinkedIn to deliver malware called RustDoor. The latest advisory comes from Jamf Threat Labs, which said it spotted an attack attempt in which a user was contacted on the professional social

Apple launched its latest iPhone 16 lineup, which includes the base model iPhone 16, the iPhone 16 Plus, iPhone 16 Pro and the top-end iPhone 16 Pro Max, at its ‘It’s Glowtime’ event on September 9. The new phones, that will run on iOS 18 out-of-the-box, go on sale from September 20. However, people who

Sep 16, 2024Ravie LakshmananCloud Security / Vulnerability A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability has been codenamed CloudImposer by Tenable Research. “The vulnerability could have allowed

Lava Blaze 3 5G was launched in India on Monday. Arriving as a successor to the Lava Blaze 2 5G, which debuted in November last year, the company’s latest budget offering is equipped with specifications such as a 90Hz display, and a MediaTek Dimensity 7300 chipset with artificial intelligence (AI) features. The Lava Blaze 3

Sep 13, 2024Ravie LakshmananSoftware Security / Threat Intelligence Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released for CVE-2024-6670 (CVSS

EU antitrust officials are considering ordering Alphabet’s Google to end anti-competitive practices in its adtech business, but will not order a breakup as they had previously warned, people with direct knowledge of the matter said. European Union regulators are due to issue a decision with a hefty fine in the coming months after antitrust chief

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over 80% of your corporate risk, and a solution is possible. However, most tools available on the market today cannot offer a complete defense against this attack vector because they

Amazfit Helio Ring has been confirmed to launch in India. It was initially unveiled at the Consumer Electronics Show (CES) 2024. A senior Amazfit executive revealed that the smart ring will arrive in India soon and the product page has also gone live on the Amazfit India site. The exact launch date of the smart wearable has

Sep 13, 2024Ravie LakshmananFinancial Fraud / Mobile Security Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims’ banking credentials. “The mechanisms include using malformed ZIP files in combination with JSONPacker,” Cleafy security researchers

iPhone 16 series is now available to pre-order in India, which means that customers can pay a token amount in advance to reserve the iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max before they go on sale in the country on September 20. Authorised third party retailers have already announced