New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

/in

Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa.
QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked Winnti (

The Hacker News – ​Read More

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets

/in

Digital license plates sold by Reviver, already legal to buy in some states and drive with nationwide, can be hacked by their owners to evade traffic regulations or even law enforcement surveillance.

Security Latest – ​Read More

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

/in

Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous personalities, ultimately leading to financial and data loss.
“The main goal of the fraudsters is to lead victims to phishing websites and forms that harvest

The Hacker News – ​Read More

Remote Access Checklist

/in

This Remote Access Checklist, created by Scott Matteson for TechRepublic Premium, should be used to ensure all employees have the requisite items, accounts, access, and instructions needed for remote work. It should be filled out by the IT department and signed off on by the employee and their supervisor/manager. This checklist can be customized to …

Security | TechRepublic – ​Read More

Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes

/in

The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of “quest games.”
Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These groups, per the agency,

The Hacker News – ​Read More

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone

/in

Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024

/in

Resecurity unveils AI-powered GSOC at NATO Edge 2024, integrating VR for advanced cybersecurity. Tailored for MSSPs, it enhances…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

The Simple Math Behind Public Key Cryptography

/in

The security system that underlies the internet makes use of a curious fact: You can broadcast part of your encryption to make your information much more secure.

Security Latest – ​Read More

Rhode Island says personal data likely breached in social services cyberattack

/in

State officials said hundreds of thousands of Rhode Island residents could be affected by a cyberattack on the state’s online portal for social services, with a “high probability” that  personally identifiable information was breached. According to an update from Governor Dan McKee’s office, the attack targeted RIBridges, which Rhode Island residents use to apply for […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action

/in

Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country.
In a statement published earlier this week, authorities said they severed the communications between the devices and their command-and-control (C2) servers by sinkholing the domains

The Hacker News – ​Read More