New BlankBot Android Trojan Can Steal User Data

/in

The BlankBot Android trojan exfiltrates user data, executes C&C commands, and supports custom injections, keylogging, and screen recording.

The post New BlankBot Android Trojan Can Steal User Data appeared first on SecurityWeek.

SecurityWeek – ​Read More

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

/in

A recent malvertising campaign has been exposed, where threat actors take over social media pages, rebranding them as popular AI photo editors and posting malicious links to fake websites.

Cyware News – Latest Cyber News – ​Read More

Credo AI Raises $21M to Help Enterprises Deploy AI Safely and Responsibly

/in

Credo AI, a startup specializing in artificial intelligence governance software, recently closed a $21 million Series B funding round led by CrimsoNox Capital, Mozilla Ventures, and FPV Ventures.

Cyware News – Latest Cyber News – ​Read More

Cloudflare Tunnels Abused for Malware Delivery

/in

Threat actors are abusing Cloudflare’s TryCloudflare feature to create one-time tunnels for the distribution of remote access trojans.

The post Cloudflare Tunnels Abused for Malware Delivery appeared first on SecurityWeek.

SecurityWeek – ​Read More

APT41 Likely Compromised Taiwanese Government-Affiliated Research Institute with ShadowPad and Cobalt Strike

/in

A government-affiliated research organization in Taiwan was attacked by APT41 hackers, a notorious Chinese hacking group known for targeting sensitive technologies. The breach, starting in July 2023, was identified by Cisco Talos researchers.

Cyware News – Latest Cyber News – ​Read More

CISA Warns of Avtech Camera Vulnerability Exploited in Wild

/in

An Avtech camera vulnerability that likely remains unfixed has been exploited in the wild, according to CISA.

The post CISA Warns of Avtech Camera Vulnerability Exploited in Wild appeared first on SecurityWeek.

SecurityWeek – ​Read More

Threat Intelligence: A Blessing and a Curse?

/in

Access to timely and accurate threat intelligence is essential for organizations, but it can be overwhelming to navigate the vast amount of available data and feeds. Balancing comprehensive information with relevance is crucial.

Cyware News – Latest Cyber News – ​Read More

Google Chrome Adds App-Bound Encryption to Block Infostealer Malware

/in

Google Chrome has implemented app-bound encryption to enhance cookie protection on Windows and defend against infostealer malware. This new feature encrypts data tied to app identity, similar to macOS’s Keychain, to prevent unauthorized access.

Cyware News – Latest Cyber News – ​Read More

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange

/in

In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country.
This includes Roman Valerevich Seleznev and Vladislav Klyushin, who are part of a group of eight people who have been swapped back to Russia in exchange for the release of 16 people who

The Hacker News – ​Read More

Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks

/in

Threat actors have hijacked over 35,000 domains in five years because DNS providers fail to properly verify domain ownership.

The post Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More