3CX Desktop App Supply Chain Attack Leaves Millions at Risk – Urgent Update on...
Mar 30, 2023Ravie LakshmananSupply Chain / Software Security
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors...
How to Build a Research Lab for Reverse Engineering — 4 Ways
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous — it requires specialized tools...
Smart Mobility has a Blindspot When it Comes to API Security
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry....
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
Mar 29, 2023Ravie LakshmananZero-Day / Mobile Security
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to...
New WiFi Flaw Let Attackers Hijack Network Traffic
A fundamental security issue in the design of the IEEE 802.11 WiFi protocol standard, according to a technical study written by Domien Schepers, Aanjhan...
Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
Mar 29, 2023Ravie LakshmananLinux / Cyber Threat
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at...
Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware
Mar 29, 2023Ravie LakshmananCryptocurrency / Malware
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe...
A Military-Type Explosive Sent Via USB Drive
The Ecuadorian free-to-air television network Ecuavisa recently reported that a USB device was detonated inside an organization’s newsroom. The explosion occurred due to a...
North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
Mar 29, 2023Ravie LakshmananCyber Threat / Espionage
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to...
UK Police Setup Thousands of Fake DDoS-For-Hire Websites
The National Crime Agency (NCA) of the United Kingdom revealed that it had built several fake DDoS-for-hire service websites to track down cybercriminals who use...