BleepingComputer.com

"Evil Telegram campaign on Google Play infected thousands with spyware."


Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 10 September 2023, 1446 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

'Evil Telegram' campaign on Google Play infected thousands with spyware

  • Several malicious Telegram clones are available on Google Play, Android's official app store, which includes spyware functionality that steals user messages, contacts lists, and other data.

  • Google Chrome
     
    GOOGLE, SECURITY, TECHNOLOGY

Google rolls out Privacy Sandbox to use Chrome browsing history for ads

  • Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user's interests from third-party cookies to the Chrome browser.

  • Microsoft Teams
     
    SECURITY, MICROSOFT

Microsoft Teams phishing attack pushes DarkGate malware

  • A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.

  • Conti ransomware
     
    SECURITY

The Week in Ransomware - September 8th 2023 - Conti Indictments

  • It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments on TrickBot and Conti operations members.

  • Notepad++
     
    SECURITY, SOFTWARE

Notepad++ 8.5.7 released with fixes for four security vulnerabilities

  • Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.

  • Medical Health Hospital Patient
     
    SECURITY

Ragnar Locker claims attack on Israel's Mayanei Hayeshua hospital

  • The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel's Mayanei Hayeshua hospital, threatening to leak 1 TB of data allegedly stolen during the cyberattack.

  • Dymocks
     
    SECURITY

Dymocks Booksellers suffers data breach impacting 836k customers

  • Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company's database was shared on hacking forums.

  • Cisco
     
    SECURITY

Cisco warns of VPN zero-day exploited by ransomware gangs

  • Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations to gain initial access to corporate networks.

  • Windows 11 HDR
     
    MICROSOFT

Microsoft Paint in Windows 11 gets a background removal tool

  •  Microsoft is rolling out a new version of the Paint application on Windows 11 Insider builds that can remove the background from any picture with the click of a button.

  • CISA
     
    SECURITY

CISA warns of critical Apache RocketMQ bug exploited in attacks

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical-severity issue tracked as CVE-2023-33246 that affects Apache's RocketMQ distributed messaging and streaming platform.

  • Hacker Airplane
     
    SECURITY

Iranian hackers breach US aviation org via Zoho, Fortinet bugs

  • State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the FBI, and the United States Cyber Command (USCYBERCOM) revealed on Thursday.

  • Google Chrome Flare
     
    GOOGLE

Google is enabling Chrome real-time phishing protection for everyone

  • Google announced today that it is bringing additional security to the Google Chrome standard Safe Browsing feature by enabling real-time phishing protection for all users. 

  • Apple Triangle
     
    SECURITY, APPLE

Apple zero-click iMessage exploit used to infect iPhones with spyware

  • Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones.

  • Cisco
     
    SECURITY

Cisco BroadWorks impacted by critical authentication bypass flaw

  • A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers to forge credentials and bypass authentication.

  • Google
     
    SECURITY, GOOGLE

Google Looker Studio abused in cryptocurrency phishing attacks

  • Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account takeovers and financial losses.

  • Lazarus
     
    SECURITY, GOVERNMENT, MICROSOFT

Microsoft: North Korean hackers target Russian govt, defense orgs

  • Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year.

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more