FakeCall Malware Employs Vishing to Gain Full Control Over Mobile Devices
A new variant of the notorious FakeCall malware has been discovered, using advanced vishing (voice phishing) techniques to deceive users and take near-total control of…
Month: November 2024
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories,…
What will the Employments Rights Bill mean for tech employers?
Much has been speculated since the Labour Party first published its manifesto with groundbreaking legal changes pledged but without detail as to what this would…
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Nov 01, 2024Ravie LakshmananThreat Intelligence / Network Security Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called…
Enterprise demand for GenAI fuels profit and revenue growth at AWS
Amazon Web Services (AWS) is experiencing a “significant re-acceleration” in its growth, its parent company’s CEO has declared, after the public cloud giant reported 19.1%…
Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack
The researchers also said the photo application, which helps users organize photos, provided easy access whether customers connect their NAS device directly to the internet…
LightSpy iOS Malware Upgraded To Include 28 Plugins With Destructive Capabilities
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices. The malware’s core binaries were even signed with the same…
Hackers Exploiting SharePoint RCE Vulnerability to Compromise Entire Domain
A sophisticated attack that compromised an entire domain by exploiting a critical vulnerability in Microsoft SharePoint. The attack, which remained undetected for two weeks, showcases…
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns
Nov 01, 2024Ravie LakshmananData Security / Artificial Intelligence Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it’s…
How open-source MDM solutions simplify cross-platform device management
In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device…
Cyber Atttack disrupts NISA DHL Delivery Operations: A Closer Look
On October 31, 2024, NISA, a prominent UK-based grocery store chain, issued a statement addressing a significant disruption in its logistics and delivery operations. The…
50% of financial orgs have high-severity security flaws in their apps
Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services…