Internet Security

Android Keyboard Apps with 2 Million downloads can remotely hack your device

December 2, 2022 add comment
Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn... Read more »

New Go-based Redigo malware targets Redis servers

December 1, 2022 add comment
Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used... Read more »

3 of the Worst Data Breaches in the World That Could Have Been Prevented

December 1, 2022 add comment
Data breaches can be devastating for organizations, these are 3 of the worst incidents that could have been prevented Data breaches can be devastating for organizations and even entire... Read more »

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

December 1, 2022 add comment
North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and... Read more »

Lastpass discloses the second security breach this year

December 1, 2022 add comment
LastPass disclosed a new security breach, threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new... Read more »

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

December 1, 2022 add comment
Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG)... Read more »

Attackers abused the popular TikTok Invisible Challenge to spread info-stealer

November 30, 2022 add comment
Threat actors are exploiting interest in a popular TikTok challenge, dubbed Invisible Challenge, to trick users into downloading info-stealing malware. Threat actors are exploiting the popularity of a TikTok... Read more »

China-linked UNC4191 APT relies on USB Devices in attacks against entities in the Philippines

November 30, 2022 add comment
An alleged China-linked cyberespionage group, tracked as UNC4191, used USB devices in attacks aimed at Philippines entities. Mandiant researchers spotted an alleged China-linked cyberespionage group, tracked as UNC4191, leveraging... Read more »

ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year

November 30, 2022 add comment
CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar,... Read more »

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

November 29, 2022 add comment
Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access... Read more »
Subscribe to our Newsletter