cybersecurity news

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.

[[{"value":"A critical security breach has been identified in the xz compression utility’s liblzma library, leading to a significant compromise of SSH server security across various Linux distributions. The xz format…

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted

[[{"value":"Over the past year, macOS users, particularly those in the cryptocurrency sector, have been increasingly targeted by infostealers. These malicious programs aim to harvest credentials and data from crypto wallets.…

[[{"value":"AT&T has confirmed that personal data from approximately 73 million current and former customers has been leaked on the dark web. This confirmation comes after the telecommunications giant initially denied…

[[{"value":"An automated risk detection system identified a typosquatting campaign targeting popular Python libraries on PyPI. In two waves with a 20-hour break, the attack deployed over 500 variations with typos…

[[{"value":"This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Forbes Sausalito, Calif. – Mar. 30, 2024 Forbes reports that small and medium-sized businesses (SMBs) often…

Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday. One

RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils

In this Tech Tip, we outline how to check if a system is impacted by the newly discovered backdoor in the open source xz compression utility. Read More  

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field…