A new Android Trojan, named SoumniBot, has been uncovered, specifically targeting users in South Korea by exploiting vulnerabilities in the Android manifest extraction and parsing procedures. This malware is distinctive for its unconventional methods of evasion, particularly through the obfuscation of the Android manifest, as revealed by Kaspersky researcher Dmitry…
In a recent address at the HIMSS Healthcare Cybersecurity Forum, cybersecurity experts John Riggi and Richard Staynings emphasized the significant cybersecurity threats that arise from third-party vendors and associated organizations. Riggi, a former FBI special agent and a national advisor for Cybersecurity and Risk at the American Hospital Association, highlighted…
Google Addresses Critical Security Flaws in Chrome Browser In a proactive response to ongoing security concerns, Google has deployed patches to rectify nine significant vulnerabilities in its Chrome web browser, one of which is a serious zero-day flaw that has reportedly been exploited in the wild. This vulnerability, designated as…
The cyber threat landscape continues to evolve as researchers from Trend Micro report that the perpetrators behind the RedLine and Vidar information stealers are shifting their tactics to include ransomware attacks. This alarming trend has been facilitated through phishing campaigns that distribute malware utilizing Extended Validation (EV) code signing certificates,…
Data Breach at MIT Technology Review Exposes User Records In a significant data breach incident, hackers have reportedly compromised the MIT Technology Review Magazine, accessing nearly 290,000 user records through a third-party contractor. The alleged perpetrator, known as Intel Broker, has disseminated the leaked information on Breach Forums, a platform…
DDoS Attack Disrupts Three UK Councils: NoSensitive Data Compromised In a recent cybersecurity incident, three councils in the United Kingdom—Salford, Portsmouth, and Middlesbrough—experienced significant disruptions due to a Distributed Denial of Service (DDoS) attack. These attacks led to temporary outages, rendering the councils’ websites inaccessible to users and hampering public…
Finance & Banking, Industry Specific, Next-Generation Technologies & Secure Development Summit on Nov. 7 to Address Evolving Cyber Risks in Finance Chris Riotta (@chrisriotta) • November 4, 2024 Leading cybersecurity professionals will gather on November 7 for ISMG’s Financial Services Summit to address financial sector vulnerabilities. (Image: Shutterstock) The 2024…
CrushFTP Users Urged to Update Following Newly Discovered Vulnerability The CrushFTP enterprise file transfer software has been hit by a security vulnerability that is reportedly being exploited in active attacks. In a recent advisory, CrushFTP informed its users that versions of the software prior to 11.1 are susceptible to a…
Case Overview A pivotal legal confrontation is looming as the U.S. Supreme Court gears up to hear arguments in a high-profile case involving Facebook, now known as Meta. The lawsuit revolves around the company’s alleged failure to properly disclose a substantial data breach related to Cambridge Analytica, a scandal that…
