Dec 17, 2024Ravie LakshmananCyber Espionage / Mobile Security A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in…
Dec 17, 2024Ravie LakshmananNetwork Security / IoT Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in…
ConnectOnCall is alerting almost a million individuals whose personal and health information was stolen in a May data breach. ConnectOnCall, owned by healthcare tech company Phreesia, provides a digital answering service to healthcare providers for…
Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of…
Dec 16, 2024Ravie LakshmananSpyware / Surveillance A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by…
Dec 16, 2024Ravie LakshmananCyber Threats / Weekly Recap This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking…
With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence (AI), the importance of robust…
Dec 16, 2024Ravie LakshmananCryptocurrency / Phishing Attack Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video…
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious…
Dec 16, 2024Ravie LakshmananCyber Attack / Cyber Espionage The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting…