New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

/in

Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent.
The malware “targets mnemonic keys by scanning for images on your device that might contain them,” McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K.
The campaign makes use

The Hacker News – ​Read More

Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities

/in

Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads.

Cyware News – Latest Cyber News – ​Read More

Critical Flaw in IBM webMethods Integration Demand Immediate Action

/in

IBM webMethods Integration Server is hit by a critical flaw (CVE-2024-45076) with a CVSS score of 9. 9, demanding urgent attention. This flaw allows authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.

Cyware News – Latest Cyber News – ​Read More

Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)

/in

Red Hat has issued a critical security advisory for an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments.

Cyware News – Latest Cyber News – ​Read More

What is a TPM, and why does Windows 11 require one?

/in

Officially, Windows 11 requires a Trusted Platform Module. Here’s what it does and how you can work around that requirement if your old PC doesn’t have one.

Latest stories for ZDNET in Security – ​Read More

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

/in

A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024.
Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains.
The exact initial access vector used

The Hacker News – ​Read More

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

/in

The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).
“These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm

The Hacker News – ​Read More

‘TIDrone’ Cyberattackers Target Taiwan’s Drone Manufacturers

/in

The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.

darkreading – ​Read More

Lazarus Group Targets Blockchain Pros with Fake Video Conferencing, Job Scam

/in

A new Group-IB report highlights an ongoing campaign by the North Korean Lazarus Group, known as the “Eager…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

New RAMBO attack steals data using RAM in air-gapped computers

/in

A novel side-channel attack dubbed  “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers. […]

BleepingComputer – ​Read More