A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users’ financial data. The app has already been downloaded thousands of times.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-05 09:06:332024-07-05 09:06:33Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to “https://cdn.polyfill[.]io” or “https://cdn.polyfill[.]com” in their HTTP responses, the attack
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-05 05:10:132024-07-05 05:10:13Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
Cybersecurity researchers have uncovered a new botnet called Zergeca that’s capable of conducting distributed denial-of-service (DDoS) attacks.
Written in Golang, the botnet is so named for its reference to a string named “ootheca” present in the command-and-control (C2) servers (“ootheca[.]pw” and “ootheca[.]top”).
“Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-05 00:06:312024-07-05 00:06:31Ticketmaster Breach: ShinyHunters Leak 440,000 Taylor Swift Eras Tour Tickets
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 20:07:122024-07-04 20:07:12Volcano Demon Ransomware Gang Makes Phone Calls to Victim for Ransom
Lawmakers voted to advance legislation that would require AI companies to test their systems and add safety measures to prevent them from being potentially manipulated for malicious purposes.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 16:07:192024-07-04 16:07:19California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 14:06:312024-07-04 14:06:31ShinyHunters Leak 33M Twilio Authy Phone Numbers, Neiman Marcus and Truist Bank Data
ANSSI warned about a hacking group linked to Russia’s SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-07-04 14:06:302024-07-04 14:06:30Alert: French Diplomats Targeted By Russian Cyber Attacks
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware
/in General NewsA malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users’ financial data. The app has already been downloaded thousands of times.
Cyware News – Latest Cyber News – Read More
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
/in General NewsThe supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to “https://cdn.polyfill[.]io” or “https://cdn.polyfill[.]com” in their HTTP responses, the attack
The Hacker News – Read More
New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks
/in General NewsCybersecurity researchers have uncovered a new botnet called Zergeca that’s capable of conducting distributed denial-of-service (DDoS) attacks.
Written in Golang, the botnet is so named for its reference to a string named “ootheca” present in the command-and-control (C2) servers (“ootheca[.]pw” and “ootheca[.]top”).
“Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
The Hacker News – Read More
Ticketmaster Breach: ShinyHunters Leak 440,000 Taylor Swift Eras Tour Tickets
/in General NewsThe ShinyHunters hacker group claims the Ticketmaster breach is far bigger than previously anticipated, stealing 193 million barcodes,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Volcano Demon Ransomware Gang Makes Phone Calls to Victim for Ransom
/in General NewsAccording to cybersecurity researchers at Halcyon AI, the new Volcano Demon ransomware gang calls its victims “very frequently,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cyber Insurance Premiums Are Declining Worldwide as Businesses Improve Security, Howden Insurance Broker Report Finds
/in General NewsRates have declined by 15% since the market peak in 2022, according to Howden Insurance Brokers.
Security | TechRepublic – Read More
Operation Morpheus Disrupts 593 Cobalt Strike Servers Used for Ransomware
/in General NewsGlobal Operation Morpheus dismantles Cobalt Strike network: Law enforcement takes down criminal infrastructure used for ransomware and data…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition
/in General NewsLawmakers voted to advance legislation that would require AI companies to test their systems and add safety measures to prevent them from being potentially manipulated for malicious purposes.
The post California Advances Unique Safety Regulations for AI Companies Despite Tech Firm opposition appeared first on SecurityWeek.
SecurityWeek – Read More
ShinyHunters Leak 33M Twilio Authy Phone Numbers, Neiman Marcus and Truist Bank Data
/in General NewsShinyHunters hackers have taken responsibility for three high-profile data breaches involving Neiman Marcus, Truist Bank, and Twilio Authy,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Alert: French Diplomats Targeted By Russian Cyber Attacks
/in General NewsANSSI warned about a hacking group linked to Russia’s SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion
Cyware News – Latest Cyber News – Read More