Have some tips? Write it down and share it to your friends!
Click Login Now button to start!
News
Cyber Security Related News
A critical Bluetooth security vulnerability, identified and tracked as CVE-2023-45866, has emerged as a significant threat, potentially giving malicious actors the ability to exploit an authentication bypass and take control of a broad spectrum of devices, including Android, Linux, macOS, and iOS systems. Discovered by security researcher Marc Newlin in August 2023, this flaw exposes a concerning case of authentication bypass that allows attackers...
December 11, 2023 18:28 (on 12/12/23) | 0 |
2 minutes read
Authorities apprehended four members of a fraudulent syndicate engaging in "Frankenstein" fraud, synthetic identity fraud. The suspects utilized valid IDs with authentic photos but filled with false information, deceiving banks into granting loans. The arrest occurred during an entrapment operation conducted by the NBI-Anti-Organized and Transnational Crime Division. The seized IDs displayed varying details such as names, birthdates, and addresses, shedding light on the elaborate nature of...
December 3, 2023 17:02 (on 12/4/23) | 0 | 2 minutes read
In recent revelations, a cybersecurity analysis has brought to light the nefarious activities of a Telegram bot known as Telekopye, utilized by threat actors, codenamed Neanderthals, to orchestrate large-scale phishing scams. ESET security researcher Radek Jizba delves into the functionality of Telekopye, explaining its capability to craft phishing websites, emails, SMS messages, and more. What adds an additional layer of sophistication to this...
November 27, 2023 16:33 (on 11/28/23) | 0 |
2 minutes read
The U.S. Federal Communications Commission (FCC) is taking decisive action to counteract the rising threat of SIM-swapping attacks and port-out fraud within cell phone account scams. These fraudulent activities expose consumers to risks such as unauthorized access to personal data and the compromise of sensitive information.
The new rules, initially proposed in July 2023, mandate wireless...
November 20, 2023 16:42 (on 11/21/23) | 0 |
2 minutes read
A faction within the well-known Lazarus Group, identified as Sapphire Sleet (also known as APT38, BlueNoroff, CageyChameleon, and CryptoCore), has recently established deceptive infrastructure mimicking skills assessment portals. Microsoft, which detected this activity, notes it as a notable shift in the persistent actor's tactics.
Sapphire Sleet has a history of orchestrating...
November 14, 2023 23:55 (on 11/15/23) | 0 |
1 minute read
Google has issued a warning regarding a potential threat wherein multiple actors are sharing a public proof-of-concept (PoC) exploit, known as the Google Calendar RAT (GCR). This tool utilizes Google Calendar Events within a Gmail account for command-and-control (C2) purposes. While it was first made public on GitHub in June 2023, it has not been observed in real-world usage as of yet. Nevertheless, Google's Mandiant threat intelligence unit has...
November 6, 2023 16:34 (on 11/7/23) | 0 |
2 minutes read
Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers who uncover potential threats specific to generative artificial intelligence (AI) systems. This initiative aims to enhance AI safety and security by addressing concerns like unfair bias, model manipulation, and data misinterpretations associated with generative AI. The program covers various categories, including prompt injections, data leakage from training datasets,...
November 1, 2023 19:06 (on 11/2/23) | 0 |
1 minute read
New information has surfaced regarding a malicious advertising campaign that exploits Google Ads to direct users searching for popular software to fake landing pages and distribute subsequent-stage malware.
Malwarebytes, the organization that uncovered this activity, noted its uniqueness in user fingerprinting and the distribution of time-sensitive payloads. This attack targets individuals...
October 23, 2023 17:00 (on 10/24/23) | 0 |
2 minutes read
The Android banking trojan, SpyNote, has been thoroughly examined to uncover its multifaceted data-gathering capabilities. Typically distributed through SMS phishing campaigns, this spyware tricks potential victims into installing it by luring them to click on embedded links. Once installed, SpyNote seeks invasive permissions to access call logs, the camera, SMS messages, and external storage. It excels at concealing its presence on the Android...
October 16, 2023 17:16 (on 10/17/23) | 0 |
2 minutes read
Google has made a significant stride in user security by implementing default passkeys for all its users. This move comes five months after the company initially rolled out support for the passwordless standard for Google Accounts, as advocated by the FIDO Alliance, across all platforms.
What this means is that the next time users log into their Google accounts, they will encounter prompts to...
October 9, 2023 18:15 (on 10/10/23) | 0 |
2 minutes read