Recent Security News
-
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
February 19, 2024 at 08:51AM Meta Platforms curtailed malicious activity from firms in Italy, Spain, and the U.A.E. operating in surveillance-for-hire. Spyware targeted iOS, Android, and Windows devices, collecting device info, media, and enabling camera and microphone. Accounts in Italy and Spain were involved in social engineering. Meta also acted on coordinated inauthentic behavior from…
-
Anatsa Android malware downloaded 150,000 times via Google Play
February 19, 2024 at 08:38AM The Anatsa banking trojan has targeted Android users in Europe by using Google Play-hosted malware droppers. Security firm ThreatFabric detected five campaigns in the UK, Germany, Spain, Slovakia, Slovenia, and the Czech Republic, leading to 150,000 infections. The trojan uses dropper apps to infect devices and has evolved to bypass…
-
Hacker arrested for selling bank accounts of US, Canadian users
February 19, 2024 at 08:38AM A 31-year-old Ukrainian cybercriminal was arrested for operating a cybercrime scheme targeting American and Canadian bank accounts. The suspect distributed trojanized software through websites and promoted them with online advertising. The hacker stole sensitive data and sold access to bank accounts on the dark web, potentially making over $92,000. The…
-
KeyTrap attack: Internet access disrupted with one DNS packet
February 19, 2024 at 08:38AM A serious vulnerability named KeyTrap in the DNSSEC feature could be exploited to deny internet access to applications for an extended period. Tracked as CVE-2023-50387, KeyTrap is a design issue in DNSSEC impacting DNS implementations. Researchers from ATHENE and partners discovered and addressed the issue, working with DNS service providers.…
-
Russian Cyberspies Exploit Roundcube Flaws Against European Governments
February 19, 2024 at 08:03AM Recorded Future alerts about Winter Vivern, a Russian cyberespionage group, exploiting Roundcube webmail servers to target European government and military entities. The group also attacked infrastructure in Europe and Central Asia, aligned with Russian and Belarusian interests. Social engineering and XSS vulnerabilities are being used to gain access for intelligence…