The North Korean threat actor known as ScarCruft has been observed using an info-stealer malware with previously undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service.
Chrome Browser Cloud Management offers extension management capabilities and reporting to enable organizations to control extension usage and mitigate potential security risks.
In a new data breach notification issued yesterday, iOttie says they discovered on June 13th that its online store was compromised between April 12th, 2023, and June 2nd with malicious scripts.
The European Council agreed on Wednesday to seek to reduce the level of protections provided to journalists from government surveillance and spyware in a proposed law intended to safeguard media freedoms across the bloc.
Colorado joined several other U.S. states in announcing MOVEit breaches, with its Department of Health Care Policy & Financing confirming that it is in the process of investigating an incident involving the data of state residents.
In remarks at a Wednesday press conference, PM Kishida announced a review of the My Number system and ordered the relevant department to make it a priority comparable with government responses to COVID-19.
This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation which has been active since 2019. The exact threat actor behind the campaign is not known.
Senators Richard Blumenthal and Marsha Blackburn have questioned TikTok’s misleading assurances and cited reports of sensitive financial information of American creators being stored in China.
A threat group tracked as APT28 and linked to Russia’s General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities.
An unidentified cybercrime group was observed brute-forcing vulnerable Linux SSH servers to drop various malware strains, including the Tsunami DDoS bot. Tsunami, also known as Kaiten, is used by a multitude of threat actors as the source code of the botnet is publicly available. administrators are recommended to use passwords that are difficult to guess and […]