Security
Sophos warns of growing ‘quishing’ threat
Phishing attacks that leverage QR codes are increasing both in volume and sophistication, cybersecurity experts have warned.
Read more about Sophos warns of growing ‘quishing’ threat
How quickly do hackers exploit vulnerabilities? The answer may disturb you
Google’s Mandiant has sounded the alarm about how quickly cybercriminals start exploiting vulnerabilities. In 70% of cases, it’s a zero-day. For the remainder, cybercriminals create exploits in just five days on average, meaning a large chunk of them are exploited on the disclosure day.
Read more about How quickly do hackers exploit vulnerabilities? The answer may disturb you
One retailer mistake puts several million Europeans at risk
Over 3.5 million people have been affected across Europe after German eyewear company Brillen spilled order details and customer data to anyone on the internet.
Read more about One retailer mistake puts several million Europeans at risk
MacOS bypassing VPNs and leaking traffic after update, report reveals
Security analytics at Mullvad have discovered scenarios when the macOS firewall does not seem to function correctly and disregards rules. Many users seem angry about their settings disappearing after updates.
Read more about MacOS bypassing VPNs and leaking traffic after update, report reveals
Mobile threats rising: 200 malicious Play Store apps just the tip of the iceberg
More than 200 apps on the Google Play Store, downloaded nearly eight million times, turned out to be malicious, the Zscaler ThreatLabz research team has discovered. Yet, this is not the most likely way to get your phone infected.
Read more about Mobile threats rising: 200 malicious Play Store apps just the tip of the iceberg
Cyber onslaught: Microsoft reports 600M attacks a day, urges stricter penalties
Microsoft alone handles 600 million cyberattacks daily, ranging from ransomware to identity theft or phishing. The tech giant says that both cybercriminals and state-sponsored actors are undeterred by consequences when inducing harm.
Read more about Cyber onslaught: Microsoft reports 600M attacks a day, urges stricter penalties
Taiwan visitors exposed in massive hotel booking data leak
Blockchain technology solutions company OwlTing has inadvertently exposed 765,000 users' sensitive data by leaving open access to its AWS storage (S3). The spill mostly affected hotel guests in Taiwan.
Read more about Taiwan visitors exposed in massive hotel booking data leak
Android banking trojan stealing money: no antivirus software can detect it
Threat actors are actively targeting Android users with a new variant of the Cerberus Android banking trojan. The malware, in development since 2019, has evolved to dynamically switch command and control servers and its sophisticated infection chain complicates detection and removal, the Cyble Research and Intelligence Labs (CRIL) reports.
Read more about Android banking trojan stealing money: no antivirus software can detect it
Can you trust open-source? Repositories increasingly contain malware, analysts warn
Dependence on open-source repositories has sparked a surge in malicious packages infiltrating software products, software supply chain security company Sonatype has warned.
Read more about Can you trust open-source? Repositories increasingly contain malware, analysts warn
Quantum computer cracks ‘military-grade’ encryption
A team of scientists in China has reportedly launched the world’s first “effective” quantum attack on a classical encryption method.
Read more about Quantum computer cracks ‘military-grade’ encryption
Ransomware attack costs rising sharply in 2024, cyber insurer warns
The average ransom demand has now reached $1.3 million, with some variants asking for up to $4.3 million for a decryptor.
Read more about Ransomware attack costs rising sharply in 2024, cyber insurer warns
New EU law touts strict cybersecurity requirements for all connected and IoT devices
The EU Council's new Cyber Resilience Act passed on Wednesday requires all connected devices to be manufactured with robust security measure, before getting into the hands of consumers.
Read more about New EU law touts strict cybersecurity requirements for all connected and IoT devices
Danish sports simulator exposes 110TB of user data
New research points to a data leak affecting golf and baseball enthusiasts using TrackMan devices.
Read more about Danish sports simulator exposes 110TB of user data
Find a job, lose your data: hundreds of thousands of CVs leaked
Snaphunt, a remote hiring platform, has leaked over two hundred thousand CVs. The leak exposes job seekers' personal data and puts them at high risk of identity theft.
Read more about Find a job, lose your data: hundreds of thousands of CVs leaked
Google leads global anti-scam initiative, establishes fraud-fighting platform
A new ‘internet-scale’ exchange will collect and exchange signals of fraudulent activities. The hope is that the centralized platform will enable faster identification and disruption of cybercrime.
Read more about Google leads global anti-scam initiative, establishes fraud-fighting platform
Hackers weaponizing VSCode for remote access
Attackers are tricking developers into launching malicious LNK files, which turn Visual Studio Code, a popular code editor, into a remote access tool.
Read more about Hackers weaponizing VSCode for remote access
Cybercrooks abuse stolen SharePoint, OneDrive, and Dropbox accounts for phishing
If someone shares a file on SharePoint, OneDrive, Dropbox, or any other legitimate file hosting service, beware – it may be a phishing attack designed to bypass defenses.
Read more about Cybercrooks abuse stolen SharePoint, OneDrive, and Dropbox accounts for phishing
Massive data spill reveals loan shop collects and exposes private messages. What data was leaked?
A data leak at Nigerian FinTech company BestFin Nigeria has exposed 846,000 customers and their emergency contacts. The leak also revealed that money lenders try to squeeze every drop of data from their clients, including private communications.
Read more about Massive data spill reveals loan shop collects and exposes private messages. What data was leaked?
Late shipment? Retailers’ data leak may have allowed attackers to redirect it
US outdoor sports retailer Peter Glenn has left numerous credentials exposed. The oversight leaves the business vulnerable to severe cyberattacks, including customer data and parcel theft.
Read more about Late shipment? Retailers’ data leak may have allowed attackers to redirect it
How I hack with an Apple Mac: a guide to empowering every byte
I used to turn my nose up at even the idea of hacking from a Mac because it didn’t make sense. Nowadays, it’s all I’ve been using for my OSINT investigations and penetration testing.
Read more about How I hack with an Apple Mac: a guide to empowering every byte
