Technology

Jan 16, 2025Ravie LakshmananSpear Phishing / Threat Intelligence The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. “Star Blizzard’s targets are most commonly related to government or diplomacy (both

Amazon Great Republic Day 2025 is the e-commerce platform’s first sale event of the year, and there are several offers on consumer electronics devices, smart home devices, computers, and smartphones to be availed of before the sale ends on January 19. During the ongoing Great Republic Day sale, you can pick up gaming laptops that

Jan 16, 2025Ravie LakshmananEndpoint Security / Ransomware Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated

Up Network and DreamSmart have collaborated to unveil what the companies call the world’s first Web3- focused smart glasses with artificial intelligence (AI). Equipped with Google’s Gemini AI, the smart glasses offer real-time contextual artificial intelligence. Up Network has developed an AI agent operating system to improve human-machine interactions, while DreamSmart’s technology specialises in advanced

Jan 15, 2025Ravie LakshmananMalvertising / Malware Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to

Google Lens has reportedly received an update that changes how the app functions when it is launched. Currently, searching via the camera tool is a two-step process — opening the app first reveals a preview screen, and then tapping the space with the viewfinder opens the camera. With the latest update, the Mountain View-based tech

Jan 15, 2025Ravie LakshmananMalware / Threat Intelligence The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.” PlugX, also known as Korplug, is a remote access trojan (RAT)

We have only heard about the purported Samsung Galaxy S25 Slim from tipsters so far, and unlike other models in this year’s anticipated Galaxy S25 lineup, we have yet to get our first glimpse of the new ‘Slim’ model via leaked images. A Chinese user on Weibo has now claimed that Samsung will launch the

Jan 14, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is

Threads is working on a community notes feature inspired by X (formerly Twitter) that could be rolled out soon. The functionality was recently announced by Meta CEO Mark Zuckerberg for Meta-owned Facebook, Instagram and Threads platforms, and it will replace traditional fact checking teams. Threads recently rolled out a new feature that allows users to share

Jan 14, 2025Ravie LakshmananVulnerability / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-12686 (CVSS score:

Amazon Great Republic Day Sale is underway with offers and discounts on a wide range of fitness trackers, smartwatches and more across the price range.  Whether your goal is to track your activities, monitor your steps, or sleep quality, these gadgets offer features that can help you stay motivated to meet your workout goals, get

Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum

Smartphone shipments globally increased by four percent on a year-over-year basis in 2024, according to a report by a market research firm. Samsung claimed the top spot in market share, followed by Apple and Xiaomi. The report added that this is the first YoY market growth after “two consecutive years of annual declines.” The growth

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS). “This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment details,” Sucuri

Google might be tweaking the overlay window of Gemini on Android devices. A Reddit user shared a screenshot of the new user interface, which appears when the Gemini artificial intelligence (AI) assistant is summoned via voice command or manually, on Friday. Several other users replying to the post also claimed to have seen the new

Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date. “The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms,” Check Point Research said in a new

Amazon Great Republic Day Sale 2025 is now live for Prime members. The Republic Day special sale will open up for everyone else from 12pm on January 13, 2025. Amazon Great Republic Day Sale promises excited discounts on a large selection of popular mobile phones, laptops, TVs, Amazon devices, and other electronics. During the sale,

Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to resonate with

Lava ProWatch V1 was launched in India on Friday. The smartwatch is powered by a Realtek 8773 chipset and a 2.5D GPU “animation engine.” It is equipped with a VC9213 PPG sensor, which is claimed to offer precise health and wellness monitoring including heart rate and stress level tracking. The watch comes with support for Assisted GPS and