Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices. “This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research team said in a recent […]
Cyber News
Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. “Once initial access was obtained, they exfiltrated cloud credentials and gained access […]
Cyber News
Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS Company Cyber Security Ransomware 192 Hits Do you know Dmitry Yuryevich Khoroshev? If you do, there’s a chance that you might well on the way to receiving a reward of up to $10 million. Law enforcement agencies across the US, UK, […]
Cyber News
Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network. The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has […]
Cyber News
There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at training real criminal large language models (LLMs). […]
Cyber News
The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Staff at the corporate offices of US retail companies have been the target of highly-sophisticated email phishing and SMS phishing (“smishing”) attacks. These attacks […]
Cyber News
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. “The campaign sent emails with content intended to arouse the recipient’s interest and persuade him to click on the link,” the computer emergency response team, CERT Polska, said in a Wednesday bulletin. Clicking on […]
Cyber News
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line. MSPs and MSSPs that […]
Cyber News
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw, CVE-2024-21887 is a command injection […]
Cyber News