Tag: security

AT&T denies leaked data of 70 million people is from its systems

A hacker is selling a huge archive on the dark web, claiming it originated from a 2021 data breach at American telecommunications giant AT&T – however the company denies the data originated from its servers. BleepingComputer reported a threat actor with the alias ShinyHunters posted an ad on the RaidForums…

Read More

US signs up more countries for its anti-spyware push

During its third Summit for Democracy held on March 18, 2024, the White House made a significant announcement confirming that six additional nations have pledged their support to an international coalition focused on countering commercial spyware. With the inclusion of Finland, Germany, Ireland, Japan, Poland, and the Republic of Korea,…

Read More

Another Microsoft vulnerability is being used to spread malware

Hackers are using a novel phishing technique to deliver remote access trojans (RAT) to unsuspecting victims. According to the report, published this Monday, threat actors are using a technique called Object Linking and Embedding (OLE). This is a Windows feature that allows users to embed and link documents within documents,…

Read More

Russian hacker group exploits Microsoft Windows feature in worldwide phishing attack

The infamous Russian hacking collective, known as APT28, is now using a legitimate Microsoft Windows feature to deploy infostealers and other malware to their victims.  This is according to a new paper from IBM’s cybersecurity arm, X-Force, which claims the campaign has been active between November last year, and February…

Read More

This sneaky Android malware has an all-new way to avoid being detected

Cybersecurity researchers have found a new version of a well-known Android banking trojan malware which sports quite a creative method of hiding in plain sight. PixPirate targets mostly Brazilian consumers with accounts on the Pix instant payment platform, which allegedly counts more than 140 million customers, and services transactions north…

Read More

A Kubernetes security issue could have allowed full-blown Microsoft Windows node takeovers

Default installations of Kubernetes were vulnerable to a high-severity flaw, which allowed threat actors to remotely execute code with elevated privileges.  Researchers from Akamai discovered the flaw, which has since been patched, uncovering what’s now known as “insufficient input sanitization in in-tree storage plugin”, a flaw that’s tracked as CVE-2023-5588. …

Read More