Most of the messages directed users to credential-harvesting sites impersonating services from a financial business and Microsoft. A very small number had malware attachments.
Google’s Android mobile threat protection, which automatically scans over 100 billion apps every day, was first introduced during the Google I/O 2017 in May 2017, with rollout starting in July 2017.
Sygnia researchers reported a new APT group—Praying Mantis or TG1021—targeting Microsoft IIS web servers to reach victims’ internal networks to steal sensitive data. To stay protected, researchers recommend patching .NET deserialization vulnerabilities and scanning internet-facing IIS servers with YARA rules for detecting the group’s malicious activity.
A new research attack method demonstrated that replacing up to 50% of neurons in the AlextNet model with malware can go undetected under security tools, as the model’s accuracy remained above 93.1%. Popular technologies such as machine learning and neural networks are still at their nascent stage, making them vulnerable to several kinds of misuse.
IP cameras offered by a dozen vendors are exposed to remote attacks due to several serious vulnerabilities found in the firmware they all share, according to French cybersecurity firm RandoriSec.
Researchers at Guardicore disclosed details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, which can trigger a DoS condition to execute arbitrary code.
Noetic Cyber today emerged from stealth with $20 million, including $15 million in series A funding from Energy Impact Partners, TenEleven Ventures, and Glasswing Ventures.
A critical security vulnerability in a popular e-learning platform could be abused to allow access to students’ data and test papers – and possibly even manipulate exam results.
The month of April 2021 saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to its victims — that was distributed via YouTube and Discord.
Evasive techniques used by attackers have evolved to include Linux shell script tactics and techniques aimed at disabling firewalls, monitoring agents, and modifying access control lists (ACLs).