March 2, 2024 at 02:06AM A US judge ordered NSO Group to hand over its source code for Pegasus and other products to Meta, in light of ongoing litigation. This follows allegations that the spyware was distributed via infrastructure belonging to Meta, affecting 1,400 mobile devices, including Indian activists and journalists. NSO Group has been … Read more
March 1, 2024 at 04:43PM Israel-based NSO Group has been ordered by a California federal judge to share the source code for its Pegasus spyware with Meta’s WhatsApp due to a 2019 lawsuit for alleged spying on 1,400 users. The ruling covers the period from April 2018 to May 2020 and represents a legal setback … Read more
March 1, 2024 at 03:39PM Taiwan’s Defense Ministry urges Chunghwa Telecom to enhance cybersecurity after a data breach compromised government-related information. Hackers, allegedly linked to the Chinese government, stole 1.7TB of data, including documents from various government units, and offered it for sale on the Dark Web. The Defense Ministry confirmed the breach and instructed … Read more
March 1, 2024 at 03:36PM Relentless ransomware attacks on US healthcare, affecting patient care and access to prescription drugs. Notably, BlackCat’s attack on Change Healthcare caused significant disruption, forcing some patients to pay full price for medications and impacting hospitals’ financial abilities. Other ransomware operations such as Rhysida and Lockbit continue to target the healthcare … Read more
March 1, 2024 at 02:22PM CISA has directed U.S. agencies to secure Windows systems against a critical vulnerability in Microsoft Streaming Service actively exploited in attacks. Tracked as CVE-2023-29360, the flaw allows local attackers to gain SYSTEM privileges without user interaction. Federal agencies must patch systems by March 21, as the bug has been exploited … Read more
March 1, 2024 at 01:49PM CryptoChameleon phishing kit is targeting cryptocurrency platforms, government agencies, and single sign-on users. Victims primarily use Apple iOS and Google Android devices. The attacks yield sensitive data beyond usernames and passwords. The sophisticated tactics include personalized outreach and convincing duplication of legitimate pages. Experts advise stronger forms of authentication and … Read more
March 1, 2024 at 01:38PM The US Department of Justice has unsealed an indictment accusing an Iranian national, Alireza Shafie Nasab, of a years-long cyber campaign targeting US defense contractors and government agencies. The indictment alleges that Nasab and his associates compromised hundreds of thousands of accounts through spear phishing, social engineering, and in-house software. … Read more
March 1, 2024 at 11:21AM SecurityWeek’s cybersecurity news roundup compiles key developments in the industry, offering insight into critical vulnerabilities, policy changes, and industry reports. This week’s stories include Apple’s EU user security efforts, a macOS API bug, Intel’s vulnerability patching, CISA’s guide for university cybersecurity clinics, NSO’s court order, and China’s data security plan. … Read more
March 1, 2024 at 11:05AM Webinar “Quantum-safe network security for 21st century threats” on 7 March at 12pm GMT/7am EDT/4 am PDT will discuss the current and future danger posed by quantum threats to cyber security defenses. Experts from Arqit and Juniper Networks will delve into recent advances in firewall encryption and the implementation of … Read more
March 1, 2024 at 09:57AM The US Justice Department announced charges against Iranian national Alireza Shafie Nasab, accused of involvement in hacking operations targeting government and private sector organizations. His firm, Mahak Rayan Afraz, linked to cyberespionage, had ties to the IRGC. Nasab, now at large, faces charges carrying up to 20-year prison sentences, with … Read more