Security

Pierluigi Paganini September 26, 2024
Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature

Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a complaint with Austria’s data protection authority (DSB) against Mozilla for enabling the privacy feature Privacy-Preserving Attribution (PPA) in Firefox without user consent. Noyb claims that […]

Pierluigi Paganini September 25, 2024
New variant of Necro Trojan infected more than 11 million devices

Experts warn of Necro Trojan found in Google Play, threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro Trojan in multiple apps uploaded to the Google Play store. The malware was hidden in popular applications and game mods. Kaspersky researchers first spotted […]

Pierluigi Paganini September 25, 2024
U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Virtual Traffic Manager vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593(CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. In Mid-August 2024, Ivanti addressed the vulnerability CVE-2024-7593 that impacts […]

Pierluigi Paganini September 25, 2024
Arkansas City water treatment facility switched to manual operations following a cyberattack

Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations due to a cyberattack. Arkansas City, Kansas, had to switch its water treatment facility to manual operations over the weekend due to a cyberattack that was detected on Sunday. As of the 2020 census, Arkansas City has […]

Pierluigi Paganini September 24, 2024
A generative artificial intelligence malware used in phishing attacks

HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered a malware generated by generative artificial intelligence services and used to deliver the AsyncRAT malware. The AI-generated malware was discovered in June 2024, the phishing message used an invoice-themed lure […]

Pierluigi Paganini September 24, 2024
A cyberattack on MoneyGram caused its service outage

American peer-to-peer payments and money transfer company MoneyGram confirmed that a cyberattack caused its service outage. American interstate and international peer-to-peer payments and money transfer company MoneyGram confirmed that its services are currently unavailable due to a cyberattack. On September 22, the company informed its customers that it was experiencing a network outage impacting connectivity to a number of our systems. The […]

Pierluigi Paganini September 24, 2024
Telegram will provide user data to law enforcement in response to legal requests

Telegram will provide user data to law enforcement agencies in response to valid legal requests, according to a recent policy update Telegram has updated its privacy policy informing users that it will share users’ phone numbers and IP addresses with law enforcement in response to valid legal requests. The company CEO Pavel Durov announced the […]

Pierluigi Paganini September 23, 2024
ESET fixed two privilege escalation flaws in its products

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems. Cybersecurity firm ESET released security patches for two local privilege escalation vulnerabilities impacting Windows and macOS products. The first vulnerability, tracked as CVE-2024-7400 (CVSS score of 7.3), could allow an attacker to misuse ESET’s file operations during the removal […]

Pierluigi Paganini September 22, 2024
Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020

GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms.  GreyNoise Intelligence has been tracking a mysterious phenomenon since January 2020 consisting of massive waves of spoofed traffic, tracked by the experts as ‘Noise Storms.’  Despite the investigation into the traffic, the company has yet […]

Pierluigi Paganini September 21, 2024
Hackers stole over $44 million from Asian crypto platform BingX

Cybercriminals stole more than $44 million worth of cryptocurrency from the Singaporean crypto platform BingX. Singaporean crypto platform BingX reported a cyberattack on Friday. Threat actors stole over $44 million worth of cryptocurrency. The crypto platform discovered unauthorized transfers of funds on Thursday night, shortly before BingX announced a shutdown for “wallet maintenance” on social […]