Russian cyberspies target Android users with new spyware

December 13, 2024 at 12:49PM Russian cyberspies Gamaredon are using two Android spyware families, BoneSpy and PlainGnome, to target Russian-speaking individuals in former Soviet states. BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both malware types collect extensive data from mobile devices, highlighting Gamaredon’s evolved tactics in digital surveillance.

OData Injection Risk in Low-Code/No-Code Environments

December 13, 2024 at 10:06AM Organizations using low-code/no-code (LCNC) platforms face security risks, particularly OData injection, which can expose sensitive data. This vulnerability is poorly understood and lacks established safeguards. To combat these risks, proactive security strategies must be developed, including automated monitoring tools and collaboration between security teams and developers for effective input validation.

Cyber protection made intuitive and affordable

December 13, 2024 at 09:42AM The 2024 MITRE ATT&CK Evaluation highlighted Cynet as the only vendor achieving 100% Detection Visibility and Protection, detecting all threats without false positives. The evaluation serves as a critical benchmark for cybersecurity solution effectiveness, emphasizing the importance of choosing the right vendor for SMEs and MSPs seeking reliable protection.

Rydox Cybercrime Marketplace Disrupted, Administrators Arrested

December 13, 2024 at 07:02AM The US dismantled Rydox, a cybercrime marketplace for stolen personal information, arresting three Kosovo nationals linked to its administration. Active since 2016, Rydox generated over $230,000 in illicit sales. The US seized its domain and cryptocurrency, while the suspects face serious charges, including identity theft and money laundering.

Taming the multi-vault beast

December 13, 2024 at 04:11AM GitGuardian addresses the growing security concern of managing secrets across multiple vaults for Non-Human Identities (NHIs) in enterprises, which now outnumber human users 100 to one. Their new multi-vault integrations provide centralized visibility, automate detection, and streamline management, enhancing security and compliance while reducing operational costs.

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

December 13, 2024 at 02:15AM The U.S. Department of Justice shut down the Rydox marketplace, arresting its Kosovo administrators for selling stolen personal information and cybercrime tools. Rydox facilitated over 7,600 sales, generating $230,000. Additionally, Nigerian national Abiola Kayode was extradited for his role in a $6 million email fraud scheme.

336K Prometheus Instances Exposed to DoS, ‘Repojacking’

December 12, 2024 at 05:19PM Researchers found over 296,000 exposed Prometheus servers and exporters on the web, revealing sensitive data like plaintext passwords and enabling potential denial of service attacks. Vulnerabilities also posed risks for repojacking attacks, where attackers exploit deleted usernames to execute malicious code. Users are urged to secure their installations.

Chinese Cops Caught Using Android Spyware to Track Mobile Devices

December 12, 2024 at 04:35PM EagleMeSpy, a surveillance tool developed by a Chinese company for law enforcement, has been scraping sensitive data from Android devices since 2017. It requires physical access to install and is not available in app stores. Researchers indicate potential iOS versions exist, and the spyware is continuously developed to avoid detection.

Efforts to Secure US Telcos Beset by Salt Typhoon Might Fall Flat

December 12, 2024 at 02:07PM In response to a major telecommunications breach attributed to China, Senator Ron Wyden proposed the “Secure American Communications Act” to enhance cybersecurity standards for U.S. telcos. Critics argue existing regulations are under-enforced, highlighting resource challenges rather than a lack of rules as the primary issue in cybersecurity vulnerabilities.

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

December 12, 2024 at 09:51AM Cybersecurity researchers warn that numerous publicly accessible Prometheus servers are vulnerable to information leakage and attacks due to inadequate authentication. Sensitive data, including credentials, can be exposed, and denial-of-service attacks may occur via specific endpoints. Organizations should implement authentication, limit exposure, and monitor server activity to mitigate risks.