In recent months, cybersecurity experts have identified the active use of a new tool for attacks on cloud services, known as Xeon Sender. This tool is being exploited by malicious actors to conduct phishing...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Jenkins vulnerability to its Known Exploited Vulnerabilities (KEV) catalog after it was leveraged in ransomware attacks. The vulnerability, identified as CVE-2024-23897 with...
The Cisco Talos team has identified eight vulnerabilities in Microsoft applications for macOS that allow unauthorized access to permissions and privileges granted to specific applications. These flaws enable attackers to inject malicious libraries into...
New details have emerged regarding the National Public Data (NPD) data breach. A company affiliated with NPD, which had access to the same databases, accidentally published passwords to these databases directly on its website....
Researchers at Check Point Research (CPR) have uncovered a new malware called Styx Stealer, which is capable of exfiltrating browser data, sessions from Telegram and Discord messengers, as well as cryptocurrency. Despite its recent...
Cybersecurity researchers have uncovered a new digital infrastructure linked to the financially motivated cybercriminal group known as FIN7. This discovery emerged from a collaborative investigation conducted by Team Cymru, Silent Push, and Stark Industries...
In July 2024, cybersecurity experts uncovered a new vulnerability in the MIFARE Classic contactless card technology, which is widely used in transportation systems, access control, and other critical areas. This technology has long attracted...
Google has joined Microsoft in disclosing information about Iran’s cyber activities following a recent wave of attacks that led to a data breach from Donald Trump’s campaign headquarters. Google’s Threat Analysis Group (TAG) confirmed...
Recently, FortiGuard Labs uncovered a new ValleyRAT malware campaign targeting Chinese-speaking users. Historically, this malware has primarily targeted businesses in the e-commerce, finance, sales, and management sectors. ValleyRAT is a multi-stage malware that employs...
The RansomHub group has begun deploying new malicious software designed to disable EDR solutions on devices, circumvent security mechanisms, and gain full control over the system. The tool, named EDRKillShifter, was uncovered by Sophos...
iVerify has identified a vulnerability in the Showcase.apk application, which has been pre-installed on millions of Pixel devices worldwide since September 2017. The application’s excessive system privileges enable the possibility of remote code execution...
In July, a new ransomware group known as Mad Liberator emerged in cyberspace, utilizing the Anydesk application and social engineering techniques to infiltrate company systems, steal data, and demand ransom. Sophos experts uncovered the...
Android / Apple / Technology
Android-iOS Messaging Gets Security Boost with RCS E2EE
September 20, 2024
