The recent emergence of the malware known as ToxicPanda has raised alarms particularly among Android users. This malicious software, which is primarily aimed at extracting sensitive financial information, notably bank account details, has garnered attention for its deceptive tactics. ToxicPanda masquerades as legitimate applications, making it challenging for users to…
Human Rights Activists Targeted by New Phishing Campaign in Morocco and Western Sahara A new cybersecurity threat has emerged in Morocco and the Western Sahara, particularly targeting human rights activists associated with the Sahrawi Arab Democratic Republic (SADR). This threat actor, identified by Cisco Talos as Starry Addax, employs sophisticated…
Nokia Investigates Cyberattack Linked to Hacking Group IntelBroker Nokia has launched an extensive inquiry into a cyberattack reportedly executed by a hacking group identified as IntelBroker. This group has been disseminating sensitive corporate information across the internet for the last three days, prompting significant concerns both within Nokia and the…
A new Android Trojan, named SoumniBot, has been uncovered, specifically targeting users in South Korea by exploiting vulnerabilities in the Android manifest extraction and parsing procedures. This malware is distinctive for its unconventional methods of evasion, particularly through the obfuscation of the Android manifest, as revealed by Kaspersky researcher Dmitry…
Several widely-used Android applications on the Google Play Store have been identified as vulnerable due to a path traversal vulnerability known as the “Dirty Stream” attack. This flaw could enable malicious applications to overwrite files within the affected apps’ home directories. According to Dimitrios Valsamaras from the Microsoft Threat Intelligence…
The cyber threat group known as Arid Viper, also referred to as APT-C-23 or Desert Falcon, has emerged as the perpetrator behind a recent Android spyware campaign aimed at Arabic-speaking individuals. This sophisticated operation involves the distribution of a fake dating application that is designed to infiltrate users’ devices, extracting…
Kremlin-Backed Malware Targets Ukrainian Military Recruits Recent findings from Google researchers reveal the emergence of a sophisticated operation allegedly backed by the Kremlin, aimed at targeting individuals considering enlistment in the Ukrainian military. This disturbing campaign utilizes information-stealing malware designed for both Windows and Android platforms, primarily disseminated through Telegram…
Google Alerts Users to Exploited Vulnerability in Pixel Firmware Google has issued a warning regarding a security vulnerability affecting Pixel Firmware that is currently being exploited in the wild. Labeled as a zero-day flaw, this high-severity issue, identified by the code CVE-2024-32896, is categorized as an elevation of privilege vulnerability.…
Title: Analyzing App Location Permissions Amid Privacy Concerns In a growing focus on privacy, both Android and iOS platforms offer users insight into app permissions related to location data. Users are now able to manage their choices regarding whether an application can access their location consistently, only when in use,…
