Year: 2024

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’

Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product. visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares […]
Read More

TikTok Zero-Day, DMM Bitcoin Hack, Free VPN App Analysis

SEC cyber disclosures delayed in several cases The SEC requires companies to disclose material breaches within four business days, but the government can request delays for national security or public safety reasons. The WSJ reported that the government has delayed the public disclosure of cyber incidents several times since the rules came into effect in December 2023. TikTok zero-day […]
Read More

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. “These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets,” the Microsoft Threat Intelligence team said. […]
Read More

Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that’s behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. “Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate,” the company said in its latest Cyber Signals report. “We’ve seen some examples where the […]
Read More

Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets

The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust. “This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist,” the BlackBerry Research and Intelligence Team said in a technical report published earlier […]
Read More

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. “Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices from […]
Read More

Zoom Adding Post-Quantum End-to-End Encryption to Products

Video communications giant Zoom announced on Tuesday that post-quantum end-to-end encryption (E2EE) has been added to Zoom Workplace. The feature, which leverages the Kyber 768 key encapsulation method, is currently available worldwide in Zoom Meetings, with Zoom Phone and Zoom Rooms coming soon. Zoom claims it is the first unified communications-as-a-service company to offer a post-quantum E2EE […]
Read More

Critical Flaw in AI Python Package Can Lead to System and Data Compromise

A critical vulnerability discovered recently in a Python package used by AI application developers can allow arbitrary code execution, putting systems and data at risk. The issue, discovered by researcher Patrick Peng (aka retr0reg), is tracked as CVE-2024-34359 and it has been dubbed Llama Drama. Cybersecurity firm Checkmarx on Thursday published a blog post describing the vulnerability and […]
Read More

Microsoft Quick Assist Tool Abused for Ransomware Delivery

Cybercriminals who have been using the Black Basta ransomware have been observed abusing the remote management tool Quick Assist in vishing (voice phishing) attacks, Microsoft reports. Active since 2022 and believed to have hit over 500 organizations globally, Black Basta is a ransomware-as-a-service (RaaS) that likely received over $100 million in ransom payments from its victims. Last […]
Read More

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS

Apple on Monday rolled out urgent security-themed updates to its flagship mobile and desktop operating systems and warned that hackers may have already exploited an IOS vulnerability in the wild. Cupertino’s security response team documented at least 16 vulnerabilities on iPhones and iPads and called special attention to CVE-2024-23296, a memory corruption bug in RTKit […]
Read More

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks