Month: July 2024

A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years. Read More  

[[{"value":"Google has improved the security of cookies in Chrome on Windows and rolled out a Chrome 127 update to address critical- and high-severity vulnerabilities. The post Chrome 127 Improves Cookie…

[[{"value":"Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages. The post Microsoft Says Azure Outage Caused by DDoS Attack…

Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,

We’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we’re all struggling to keep security teams fully staffed.  Given that reality, security teams need to be able to monitor and respond to threats

[[{"value":"Cryptocurrency scams are becoming increasingly sophisticated. This article delves into the intricacies of these scams, providing insights into how they operate and offering tips on how to protect your cryptocurrency…

[[{"value":"DigiCert is immediately revoking many certificates due to a domain validation issue, which could cause disruption to sites, apps and services. The post DigiCert Revoking Many Certificates Due to Verification…

A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud. "Of those 107,000 malware samples, over 99,000 of

Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added. XDSpy is a threat actor of indeterminate origin that was first

[[{"value":"The US Senate has passed a bill to protect kids online and make tech companies accountable for harmful content. The post Senate Passes Bill to Protect Kids Online and Make…

[[{"value":"On July 30, 2024, Microsoft experienced a significant global outage affecting its Azure cloud services and Microsoft 365 products. The incident, which lasted nearly 10 hours, was triggered by a…