Chinese Nation-State Threat Actor Targeting Japanese Organizations A Chinese nation-state threat actor has set its sights on Japanese organizations, using sophisticated malware families such as LODEINFO and NOOPDOOR to steal sensitive information. Despite the cunning tactics employed by the threat actor, they have managed to fly under the radar for extended periods, sometimes up to…
Keeping Up with Phishing Attacks and Cybersecurity Challenges In the fast-paced world of cybersecurity, the threat landscape is constantly evolving. One of the most persistent and prevalent threats facing organizations today is phishing attacks. These attacks are not only increasing in frequency but also becoming more sophisticated in their tactics and techniques. In fact, the…
Unveiling the XDSpy Phishing Campaign A recent phishing campaign targeted companies in Russia and Moldova, orchestrated by the elusive cyber espionage group known as XDSpy. The infection chains in this campaign led to the deployment of DSDownloader, a malicious software, as discovered by the cybersecurity firm F.A.C.C.T. The firm noted that this nefarious activity took…
Malicious Android Apps Targeting SMS Messages for Identity Fraud Introduction In a recent discovery, a new malicious campaign employing nefarious Android apps has been identified. Since February 2022, these apps have been on a stealthy mission to pilfer users’ SMS messages as part of a large-scale operation. The Modus Operandi This diabolical scheme involves over…
Zaplet z WhatsApp za Windows: Izvrševanje Python in PHP skriptov brez varnostnih obvestil Novica o tem, da WhatsApp za Windows omogoča izvrševanje Python in PHP skriptov brez varnostnih obvestil, je pomembna za vse uporabnike te priljubljene aplikacije. V nadaljevanju bomo podrobno osvetlili, kaj to pomeni za varnost uporabnikov, kje so ključne ranljivosti, kakšne so posledice…
The $1.4 Billion Settlement: Meta’s Expensive Lesson in Biometric Data Collection In a groundbreaking move, Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a massive settlement of $1.4 billion with the state of Texas. This deal arises from allegations of illegally collecting biometric data from millions of users without their consent. This…
Kaj se je zgodilo? Google Cloud je objavil zaskrbljujočo novico, ki je vznemirila mnogo strokovnjakov za računalniško varnost in številne uporabnike ter podjetja, ki zaupajo tej platformi. V eni od njihovih storitev so namreč odkrili kritično ranljivost, ki omogoča zviševanje privilegijev za hackerje. Ta ranljivost omogoča nepridipravom, da pridobijo privilegije višjega nivoja, kot so jim…
New Android Spyware “Mandrake” Discovered on Google Play Store A fresh discovery by cybersecurity experts has unveiled the presence of an advanced Android spyware known as Mandrake in five applications offered for download on the Google Play Store. What’s more intriguing is that these malicious apps managed to evade detection for a whopping two years,…
Napaka v infrastukturi: Microsoft 365 in Azure izpad storitev Danes je Microsoft doživel večji izpad svojih storitev za Microsoft 365 in Azure, kar je povzročilo številne težave za uporabnike po vsem svetu. Ta nepričakovana napaka v infrastrukturi je vplivala na dostopnost številnih ključnih storitev, kar je povzročilo nemalo preglavic uporabnikom, ki so odvisni od teh…
Securing Remote Work Environments with RMM Tools In an era where remote work is becoming increasingly prevalent, IT departments face the unique challenge of managing devices spread across various locations. This decentralized setup calls for the use of Virtual Private Networks (VPNs) and Remote Monitoring and Management (RMM) tools to facilitate system administration. RMM tools…