Google has issued a warning regarding a potential threat wherein multiple actors are sharing a public proof-of-concept (PoC) exploit, known as the Google Calendar RAT (GCR). This tool utilizes Google Calendar Events within a Gmail account for command-and-control (C2) purposes. While it was first made public on GitHub in June 2023, it has not been observed in real-world usage as of yet. Nevertheless, Google's Mandiant threat intelligence unit has...

Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers who uncover potential threats specific to generative artificial intelligence (AI) systems. This initiative aims to enhance AI safety and security by addressing concerns like unfair bias, model manipulation, and data misinterpretations associated with generative AI. The program covers various categories, including prompt injections, data leakage from training datasets,...

New information has surfaced regarding a malicious advertising campaign that exploits Google Ads to direct users searching for popular software to fake landing pages and distribute subsequent-stage malware.

Malwarebytes, the organization that uncovered this activity, noted its uniqueness in user fingerprinting and the distribution of time-sensitive payloads. This attack targets individuals...

The Android banking trojan, SpyNote, has been thoroughly examined to uncover its multifaceted data-gathering capabilities. Typically distributed through SMS phishing campaigns, this spyware tricks potential victims into installing it by luring them to click on embedded links. Once installed, SpyNote seeks invasive permissions to access call logs, the camera, SMS messages, and external storage. It excels at concealing its presence on the Android...

Google has made a significant stride in user security by implementing default passkeys for all its users. This move comes five months after the company initially rolled out support for the passwordless standard for Google Accounts, as advocated by the FIDO Alliance, across all platforms.

What this means is that the next time users log into their Google accounts, they will encounter prompts to...

There have been reports of dual ransomware attacks on US companies since July 2023. These attacks involve the use of two different ransomware strains, including AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal, in various combinations. It is unclear how widespread these attacks are, but they are believed to occur within a short timeframe, ranging from 48 hours to 10 days apart. It's important to be vigilant and take necessary...

Apple has taken swift action by releasing security patches to counter three zero-day vulnerabilities that were actively exploited across iOS, iPadOS, macOS, watchOS, and Safari. These patches bring the tally of zero-day vulnerabilities discovered in Apple's software this year to a staggering 16. 

The vulnerabilities include issues with certificate validation, a kernel security flaw, and a...

Microsoft has issued a warning about a new phishing campaign called Storm-0324 (also known as TA543 and Sagrid) orchestrated by an initial access broker. This campaign diverges from traditional email-based methods by using Microsoft Teams messages as bait to infiltrate corporate networks.

Storm-0324 operates as a payload distributor in the cybercriminal realm, facilitating the spread of various...

Fake Telegram apps with spyware capabilities have been discovered on the Google Play Store, aiming to steal sensitive information from Android devices. These malicious apps, dubbed "Evil Telegram" by cybersecurity firm Kaspersky, were responsible for collecting user data, including names, user IDs, contacts, phone numbers, and chat messages, and sending it to a server controlled by threat actors. These counterfeit apps had been downloaded millions...

Meta recently announced that it successfully disrupted two of the world's largest covert influence operations that originated from China and Russia. As a result, numerous accounts and pages were blocked across its platform. Guy Rosen, Meta's Chief Information Security Officer, reported that these operations targeted more than 50 applications, including popular platforms like Facebook, Instagram, X (formerly Twitter), YouTube, TikTok, Reddit,...