somcert2022

  • Home
  • Author: somcert2022
  • Page 5

New Case Study: The Malicious Comment

When is a ‘Thank you’ not a ‘Thank you’? When it’s a sneaky bit of code that’s been hidden inside a ‘Thank You’ image that somebody posted in the comments section of a product page! The guilty secret hidden inside this particular piece of code was designed to let hackers bypass security controls and steal […]
Read More

Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices

A newly identified Android trojan can steal user information and provide attackers with the ability to take control of infected devices, threat detection company ThreatFabric reports. Dubbed Brokewell, the trojan includes all the capabilities of mobile banking malware, while also providing attackers with remote access to devices. Brokewell is being distributed via fake application updates, such […]
Read More

How to Align Your Incident Response Practices With the New SEC Disclosure Rules

As of December 18, 2023, publicly traded organizations must comply with the Security and Exchange Commission (SEC) incident disclosure regulations, which were originally unveiled in July 2023. Under the new rules, publicly traded companies will be required to report cyber incidents within four business days of determining that the incident is “material,” meaning it would potentially impact a […]
Read More

Chinese hackers are aiming to ‘wreak havoc’ on U.S. Critical infrastructure

United States officials say they dismantled a China-backed hacking operation targeting civilian infrastructure, but the Federal Bureau of Investigation (FBI) warned of future threats if the two superpowers ever go to war. The Chinese state-sponsored hacking group Volt Typhoon allegedly sought to damage public sector facilities such as water treatment plants, the electric grid, oil and natural […]
Read More

Why Are Cybersecurity Automation Projects Failing?

The cybersecurity landscape is undergoing significant transformations exemplified by increasing complexity, constantly evolving threats and, as a result, the necessity for ever-more sophisticated and integrated security solutions. Automation, artificial intelligence (AI), and machine learning (ML) are fueling technological advancements and innovation. At the same time, escalating cybersecurity challenges and growing regulations means that organizations are […]
Read More

Millions of User Records Stolen From 65 Websites via SQL Injection Attacks

Between November and December 2023, a threat actor successfully stole more than two million email addresses and other personal information from at least 65 websites, threat intelligence firm Group-IB reports. Mainly relying on SQL injection attacks, the hacking group, tracked as ResumeLooters, has been active since early 2023, selling the stolen information on Chinese-speaking hacking-themed Telegram […]
Read More

Google Announces Enhanced Fraud Protection for Android

Google this week announced a pilot feature designed to improve Android’s protections against financial fraud attacks. Part of Google Play Protect, the enhanced fraud protection will block the installation of sideloaded applications that request sensitive runtime permissions that are frequently abused by fraudsters. The feature will analyze attempts to install applications from internet-sideloading sources, such as browsers, […]
Read More

Microsoft Confirms Windows Exploits Bypassing Security Features

Microsoft on Tuesday rolled out a massive batch of security-themed software updates and called urgent attention to at least three vulnerabilities being exploited in live malware attacks. The world’s largest software maker documented 72 security vulnerabilities in the Windows ecosystem and warned users of the risk of remote code execution, security feature bypass, information disclosure […]
Read More

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks