Researchers have uncovered a concerning development involving several Android applications that were available on Google Play, despite passing the platform’s security checks. These apps have reportedly been functioning as surveillance tools, quietly transmitting sensitive user data to North Korean intelligence operatives. Identified as KoSpy by Lookout, the security firm responsible…
Government, Incident & Breach Response, Industry Specific Cyber Defense Agency Cuts Funding for Critical Cybersecurity Resource Amid Shift in Federal Focus Chris Riotta (@chrisriotta) • March 12, 2025 The federal government has ceased funding for a hub that provided real-time cybersecurity threat intelligence to state and local governments. (Image: Shutterstock)…
KnowBe4 has unveiled its “Global Retail Report 2025,” which highlights a concerning evolution in the tactics employed by cybercriminals targeting the retail industry. The report indicates that credential harvesting has emerged as the predominant threat, constituting 38% of all compromised data in 2023. In contrast, the theft of payment card…
Signal App Security Measures: Enhancing User Privacy for Business Professionals Recent updates to the messaging application Signal have introduced several security features aimed at reinforcing user privacy. These enhancements come as organizations and businesses grapple with the implications of data breaches and cyber threats. To navigate the settings on Signal,…
Manufacturers of perimeter security appliances, which encompass devices like CCTV systems, firewalls, radar technologies, and access control solutions, have increasingly overlooked the need to embed strong security features into their products. This oversight leaves these devices vulnerable, contributing to a surge in ransomware incidents. A recent annual threat report published…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development New Memory Injection Attack, ‘Minja’, Shows Alarming Efficacy on OpenAI Models Rashmi Ramesh (rashmiramesh_) • March 12, 2025 Image: Shutterstock Researchers have identified a novel memory injection attack dubbed “Minja,” which has been demonstrated to transform AI chatbots into unintentional…
Lazarus Group Strikes Again: Malicious Packages Discovered in npm Repository The notorious Lazarus Group, an advanced persistent threat (APT) linked to the North Korean government, has resurfaced with a new campaign, infiltrating the npm software repository—a vital resource for developers globally. Research from the Socket Research Team has revealed the…
Machine-to-Machine (M2M) communication plays a pivotal role in modern digital infrastructure, enabling machines to interact without human input. This automated process facilitates the unmediated exchange of data between devices, driving operational efficiency across various sectors. As M2M technologies advance, enhancements in security will be essential to ensure the reliability of…
Plankey’s Nomination to Lead CISA Highlights Cybersecurity Preparedness Efforts in Energy Sector Sean Plankey, nominated by U.S. President Donald Trump to lead the Cybersecurity and Infrastructure Security Agency (CISA), brings a wealth of experience from his previous roles within the Department of Energy and the National Security Council. His appointment…
