Get an Extensive Education in Cybersecurity for Just $40
This extensive bundle includes nine courses and more than 50 hours of training in ethical hacking, Kali Linux, certification exams, and more.
Security | TechRepublic – Read More
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google has announced that it’s adding a new layer of protection to its Chrome browser through what’s called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems.
“On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest from other users on the system or cold boot attacks,” Will Harris from the Chrome security team
The Hacker News – Read More
Secretive: Open-Source App for Storing and Managing SSH Keys in the Secure Enclave
Secretive is an open-source app that securely stores and manages SSH keys in the Secure Enclave for Macs. Storing keys in the Secure Enclave prevents copying or exporting by malicious users or malware, ensuring a higher level of security.
Cyware News – Latest Cyber News – Read More
Lineaje Secures $20 Million in Funding To Address Software Supply Chain Issues
Lineaje has raised $20 million in a Series A funding round, led by Prosperity7 Ventures, Neotribe, and Hitachi Ventures, with Tenable Ventures also participating. This investment highlights the increasing demand for software supply chain security.
Cyware News – Latest Cyber News – Read More
EvilProxy Phishing Kit Used in Over One Million Attacks Monthly
EvilProxy, known as the “LockBit of phishing,” is a popular phishing kit used in over a million attacks each month. It allows cybercriminals to launch ransomware infections, steal data, and compromise business emails.
Cyware News – Latest Cyber News – Read More
Personal, Health Information Stolen From Pharma Giant Cencora
Pharma giant Cencora has confirmed that personal and health information was stolen in a February 2024 cyberattack.
The post Personal, Health Information Stolen From Pharma Giant Cencora appeared first on SecurityWeek.
SecurityWeek – Read More
Facebook Ads Lead to Fake Websites Stealing Credit Card Information
Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks.
Recorded Future’s Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS owing to the use of the same content delivery network (CDN) oss.eriakos[.]com.
“These
The Hacker News – Read More
Threat Actor Impersonates Google via Fake Ads for Authenticator
A threat actor recently impersonated Google through a fake ad for the Google Authenticator, a popular multi-factor authentication program. This resulted in innocent users unknowingly downloading malware or falling victim to phishing scams.
Cyware News – Latest Cyber News – Read More
Beware of Fake AI Tools Masking a Very Real Malware Threat
Attackers disguise malicious tools as legitimate GenAI apps through phishing sites, web browser extensions, fake apps on mobile stores, and malicious ads on social media.
Cyware News – Latest Cyber News – Read More
Tycoon 2FA Phishing Kit Exploits Amazon SES to Steal User Credentials
The attack begins with emails from an Amazon SES client containing empty PDF attachments and a message from Docusign. Despite some checks failing, the emails can still appear legitimate due to the compromised source.
Cyware News – Latest Cyber News – Read More