The cyberespionage group APT42 employs social engineering to infiltrate corporate networks and cloud environments in the West and the Middle East. Mandiant, which first documented the group’s activities in September 2022, reports that APT42...
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison in the United States for his involvement in major cyberattacks using the REvil ransomware virus. In addition to his prison term, the...
Android users have encountered DNS leak issues when switching VPN servers, despite having “Always On VPN” and “Block Connections Without VPN” features enabled. This problem, identified in the latest version of Android 14, was...
In Finland, cybercriminals have intensified their efforts, deploying malicious Android applications aimed at hacking bank accounts, as warned by the local Finnish Transport and Communications Agency (Traficom). These fraudsters are sending SMS messages in...
Cybercriminals are increasingly harnessing Microsoft Graph API to manage malicious software and evade detection systems. According to researchers from Symantec, such actions are designed to facilitate communication with C2 infrastructure hosted on Microsoft’s cloud...
Recently, Aruba Networks, a subsidiary of Hewlett Packard Enterprise (HPE), disclosed information about ten vulnerabilities in its ArubaOS operating system, four of which are classified as critical. These vulnerabilities could potentially allow arbitrary code...
The cybersecurity firm Oversecured has uncovered vulnerabilities in Android applications from Xiaomi, affecting users globally. The investigation revealed 20 vulnerabilities associated with unauthorized access to system data, file theft, and leakage of phone and...
According to Amnesty International, Indonesia has been covertly acquiring spyware through a complex network of intermediaries spanning from Israel to Greece, Singapore, and Malaysia. The organization asserts that its investigation has uncovered a systemic...
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have urged software developers to more proactively identify and remedy path traversal vulnerabilities before releasing products to the market. Such...
A joint statement by the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the U.S. State Department warns of a new cyber threat emanating from North Korea. Experts have discovered that...
Microsoft has issued a warning to Android users about a new exploit dubbed “Dirty Stream,” which allows malicious applications to overwrite files in another application’s home directory, potentially leading to arbitrary code execution and...
Cybersecurity experts from the ASEC laboratory have uncovered a series of sophisticated cyberattacks targeting Microsoft SQL Servers (MS-SQL). The group known as TargetCompany is deploying the Mallox ransomware to encrypt systems and extort victims....
The U.S. Congress has disclosed the findings of an investigation, which reveals that the majority of major automakers transmit driver location data to law enforcement without a court order, despite public assurances to refrain...
Recently, cybersecurity experts at FortiGuard Labs discovered a previously unseen botnet network named Goldoon, targeting D-Link routers via the CVE-2015-2051 vulnerability, which has been known for nearly a decade. This vulnerability, rated nearly at...
A critical flaw in the GitLab system, which allows the interception and control of user accounts, was recently added to the CISA catalog of known exploitable vulnerabilities. This issue, identified as CVE-2023-7028 and rated...
Verizon’s annual Data Breach Investigations Report reveals a disturbing trend in cybersecurity: the use of vulnerabilities as an initial breach point has nearly tripled compared to last year, now accounting for 14% of all...
