The US Supreme Court gave the green light on Monday for WhatsApp to pursue a lawsuit against NSO Group, the Israeli surveillance company, for installing the Pegasus spyware on roughly 1400 devices where WhatsApp was also installed.
The starting point of the cyber assault is to direct users searching for healthcare-related keywords to an infected WordPress blog that tricks them into downloading malware-laced ZIP files.
A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users’ private keys.
The StrongPity group has been found using a fake website since 2021 that impersonates the actual Shagle site to trick victims into downloading a malicious Android. Once installed, this app enables hackers to conduct espionage on the targeted victims.
Security researcher Abdulraheem Khaled has discovered a coding scheme that can allow attackers to perform prototype pollution-like attacks on Python programs. He calls it ‘class pollution’ in a blog post documenting his findings.
A new malware campaign has been observed targeting users in Italy with phishing emails designed to deploy an information stealer on compromised Windows systems to steal system info, browser histories, cookies, and credentials of crypto wallets.
No explanation of the attack’s impact on its business operations has yet been disclosed, nor has the nature of the attack. The company stated it is “taking steps to ensure that its businesses can continue to trade with its customers and suppliers.”
In November 2011, the FBI-led Operation Ghost Click raided malicious servers run by the Rove Digital cyber group. This was only after it had used the DNSChanger Trojan to infect over four million computers and generate $14 million in illicit profits.
American investigative reporter Emma Best, a founder of the whistleblower site Distributed Denial of Secrets (DDoSecrets), told The Record in July that hackers had leaked over 12 million Russian documents to the organization since February.
The multiple breaches of password management giant LastPass in 2022 has created significant discussion – and alarm – among the cybersecurity community, not to mention affected LastPass customers.