23 matches found
EUVD-2018-4327
Malware in sbrugna...
Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation CPC Network has notified...
Geomys, a blueprint for a sustainable open source maintenance firm
In 2022, I left Google in search of a sustainable approach to open source maintenance. A year later, I was a full-time independent professional open source maintainer. Today I’m announcing the natural progression of that experiment: Geomys,1 a small firm of professional maintainers with a portfol...
Ransomware-as-a-Service: The Growing Threat You Can't Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service RaaS. This alarming development has transformed the cybercrime landscape,...
Wallarm to Unveil New API Security Solution and Strategic Shift at Black Hat Europe 2023
If you're involved with cybersecurity and are based in Europe, then Black Hat Europe 2023 in London, December 6 and 7 is a must-attend event. Wallarm, the experts in API and Application Security, will be attending the event, and we're excited to connect with you. If you are planning to attend, co...
Organized Cyber Crime Cases: Access as a Service
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service AaaS, an emerging business model selling all-access passes to other cyber criminals...
Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’
A for-hire cybercriminal group is feeling the talent-drought in tech just like the rest of the sector and has resorted to recruiting so-called “cyber-mercenaries” to carry out specific illicit hacks that are part of larger criminal campaigns. Dubbed Atlas Intelligence Group A.I.G., the cybergang...
This New Stealthy JavaScript Loader Infecting Computers with Malware
Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans RATs and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for...
Ransomware Operators Found Using New "Franchise" Business Model
We found a relatively new and interesting ransomware operation that takes inspiration from franchise business models. It seems that the operators are rebranding a "supplier" ransomware before deployment instead of simply distributing it under the original name...
How cyberattacks are changing according to new Microsoft Digital Defense Report
In 2021, cybercrime has become more sophisticated, widespread, and relentless. Criminals have targeted critical infrastructure—healthcare,1 information technology,2 financial services,3 energy sectors4—with headline-grabbing attacks that crippled businesses and harmed consumers. But there are...
Act Against Geopiracy with Enhanced Proxy Detection
Widespread Use of Location Spoofing to Circumvent Territorial Content Restrictions Is the image below relatable? According to the description, the service is a VPN desktop application and proxy browser extension that helps viewers mask their physical location, circumvent censorship, and restore...
Insecure Database Exposes Millions of Private SMS Messages
Tens of millions of SMS messages have been found on an unprotected database, putting the private data of hundreds of millions of people in the United States at risk for theft or exposure and leaving a communications company open for potential intrusion, security researchers discovered. Noam Rotem...
When It Comes To IoT Security, Liability Is Muddled
BOSTON—From hacked connected cars to power grids, the implications of IoT security issues seem to be getting graver – yet when it comes to pointing fingers for security troubles, many times victims don’t even know where to start. IoT experts said at the Security of Things Forum today said that a...
Knowage Cross-Site Scripting Vulnerability
Knowage formerly SpagoBI is an open source suite for modern business analytics on traditional resources and big data systems from Knowage Italy. A cross-site scripting vulnerability exists in Knowage version 6.1.1. A remote attacker can exploit the vulnerability by sending the name field to the...
CVE-2018-12353
Knowage formerly SpagoBI 6.1.1 allows XSS via the name field to the "Business Model's Catalogue" catalogue...
Hotspot Shield Vulnerability Could Reveal ‘Juicy’ Info About Users, Researcher Claims
UPDATE A vulnerability in the popular HotSpot Shield VPN client, which is promoted as being able to hide users’ identities, could expose their IP addresses and “other juicy info,” according to a security researcher. Paulos Yibelo, a researcher who has collected on a number of bug bounties in the...
Shorting-For-Profit Viable Business Model For Security Community
LAS VEGAS–Justine Bone shook up the security research community last year when she decided to do the unconventional. The CEO of MedSec Holdings teamed with hedge fund company Muddy Waters Capital to short the stock of St. Jude Medical in order to profit from research that revealed life-threatenin...
WhatsApp is Now Free For Lifetime
Good News for WhatsApp users! The widely popular messaging service is going completely free. And you'll be able to use WhatsApp without paying a penny. Old WhatsApp users might not be aware of this, but WhatsApp introduced the subscription fees for its service a few years ago, forcing new users t...
Researchers Analyzing Attack Patterns With Cloud-Based Malware Data
BARCELONA–Successful targeted attacks against companies such as RSA, Google and others have made huge splashes in the news in the last year or two and drawn a lot of attention to the phenomenon. But it’s not just the successful attacks that are interesting, security researchers say. In many cases...
Inside the Business of Malware
Malware is big business. Malware writers and attackers are just the most visible parts of the ecosystem; there are many invisible moving parts behind the scenes that are rarely seen or described. Now, a complete picture of the business model and inner workings of the malware industrial complex is...