Technology

Google Pay, the Unified Prepaid Interface (UPI) payments app, unveiled new features at the Global Fintech Fest (GFF) 2024. The company said that these new features, which will be rolled out later this year, will make it easier for users to make payments and transact through the app. Some of the features announced at the

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that’s

Boat smartwatch users will now be able to use tap and pay functionality at eligible point-of-sale (POS) terminals in India, following an announcement made at the Global Fintech Fest (GFF) 2024 on Friday (August 30). For this move, the Indian smart wearable brand is partnering with Mastercard, enabling payment services on credit and debit cards

Aug 29, 2024Ravie LakshmananCyber Espionage / Malware A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that’s also known as APT-C-00, Canvas Cyclone

Meta Quest 3S is tipped to arrive as an affordable version of the company’s Quest 3 headset and while the company has yet to confirm the existence of such a device, it has reportedly been listed on a certification website. It was previously claimed that Meta was working on a more premium offering than the

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described

Despite arriving rather late to the foldable party last year, OnePlus managed to make some waves when it announced its first foldable ever at a global launch event held in India. It was relatively slim and light when folded, but it also packed an excellent camera system (which was unheard of on foldable devices). Given

Aug 28, 2024Ravie LakshmananVulnerability / Data Security Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL database.

Apple took the rare step of cutting about 100 jobs in its digital services group, part of a shift in priorities for the critical division, according to people with knowledge of the matter.  The company informed the affected employees, who worked across several different teams in Senior Vice President Eddy Cue’s services group, on Tuesday,

Aug 28, 2024Ravie LakshmananCyber Attack / Vulnerability A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and

Airtel Payments Bank introduced a smartwatch with support for National Common Mobility Card (NCMC) technology in collaboration with Noise and National Payments Corporation of India (NPCI) at the Global Fintech Fest 2024 on Wednesday. The Airtel Payments Bank Smartwatch is equipped with an integrated RuPay chip that enables transactions from the user’s wrist. It has

Aug 27, 2024Ravie LakshmananCyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in

Snapchat has rolled out a highly requested feature for iPad users, adding to the expansive list of updates brought out in 2024. Following its latest update, the social media app now works natively on the Apple device, instead of its iPhone app being optimised for the tablet. This year, the platform has introduced several new

The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as

Infinix Hot 50 5G is expected to launch alongside several other rumoured Infinix Hot 50 handsets. The lineup may include Infinix Hot 50, Hot 50 5G, Hot 50 Pro, Hot 50 Pro+, and Hot 50i variants. They are said to succeed the existing Infinix Hot 40 series. The phones have previously been spotted on certification sites. Key

Aug 26, 2024Ravie LakshmananGDPR / Data Protection The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. “The Dutch DPA found that Uber transferred personal data of European taxi drivers

Arc Search, the artificial intelligence (AI) mobile browser, is soon coming to Android, the company confirmed on Saturday. The browser made its debut at the beginning of this year and gained popularity due to its AI-powered features such as Browse for Me, where the AI reads multiple web pages to show the relevant information, AI

Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. “An improper access control vulnerability

After releasing some additional features that were previously missing from older Galaxy Watch models, such as the Galaxy Watch 6 series, Samsung has finally enabled its Irregular Heart Rhythm Notification (IHRN) feature on its new and recent Galaxy Watch models. While the Galaxy Watch 4 series recently received the IHRN feature, Samsung’s latest and greatest

Aug 25, 2024Ravie LakshmananFinancial Fraud / Cybercrime Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon’s Stroz Friedberg incident response services