Joker, Facestealers and Banker swarming Google Play store

Making Software I am a programmer by nature. I now had root access to a cool new linux box so now I must develop software for it. The Goal While looking through many of the IVI’s files, I found tons of really cool C++ header files relating to ccOS in /usr/include. ccOS is the Connected Car Operating System, an OS developed by Nvidia and Hyundai which is supposed to power all Hyundai vehicles from 2022 onwards, but I guess some of the underlying system was in previous Hyundai vehicles for quite some time.

A group of actors originating from North Korea that MSTIC tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name.

Cross-Site Scripting (XSS) is a well-known vulnerability that has been around for a long time and can be used to steal sessions, create fake logins and carry out actions as someone else, etc. In addition, many users are unaware of the potential dangers associated with their browser’s credential autofill feature. This attack vector is not new, but it is unknown to many people and as we investigated further we found that the dangers were extensive. In this post, the GoSecure Titan Labs team will demonstrate that using a browser password manager with autofill could expose your credentials in a web application vulnerable to XSS.

Let's hope nobody lies about what permissions their app uses.

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

Campaign that steals email has targeted at least 10,000 organizations since September.

BERLIN (AP) — The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an emailed response to a query about a report by Business Insider.

In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.

Learn more about Dragos's discovery of an exploit introduced through password "cracking" software that targets industrial engineers and operators.

Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.

If I can shop and bank online, why can’t I vote online? David Jefferson explained in 2011 why internet voting is so difficult to make secure, I summarized again in 2021 why internet voting is still inherently insecure, and many other experts have explained it too. Still, several countries and several U.S. states have offered e-voting to some of their citizens. In many cases they plunge forward without much consideration of whether their e-voting system is really secure, or whether it could be hacked to subvert democracy. It’s not enough just to take the software vendor’s word for it.

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted

Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.

As civil society and media organisations expose EU Member States' use of the Pegasus commercial spyware, one of the most high-profile spying scandals of recent years is coming to light in Europe.

Negli ultimi mesi il gruppi cyber e altre organizzazioni vicine al governo del paese hanno tempestato di attacchi i siti delle nazioni che si sono schierati a favore di Kiev

12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.

We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.

Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.

Raspberry Robin involves a worm that spreads over USB devices or shared folders, leveraging compromised QNAP (Network Attached Storage or NAS) devices as stagers and an old but still effective method of using “LNK” shortcut files to lure its victims...

Nation struggles in aftermath of president’s refusal to pay to end cyber attack, even as hacking group collapsed

As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.

Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.

The internet giant may have provided Sberbank-owned RuTarget with unique mobile phone IDs, IP addresses, location information and details about users’ interests and online activity.

Il malware EnvyScout (APT29) è stato veicolato anche in Italia

Motherboard is publishing parts of the code for the Anom encrypted messaging app, which was secretly managed by the FBI in order to monitor organized crime on a global scale.

Ce mardi 5 juillet 2022, l'organisme de normalisation étatsunien NIST a annoncé qu'il avait choisi les algorithmes de cryptographie post-quantiques qu'il allait maintenant normaliser. Ce sont Kyber pour l'échange de clés et Dilithium pour les signatures.

Leading cybersecurity experts and foreign policy scholars raise serious questions and concerns about Microsoft's report on the Ukraine war.

“Polizei!” barked the officers who stormed a third-floor apartment in the Austrian capital, moving to intercept a thickset man standing near a kitchen nook. The suspect — a long-serving official in Austria’s security services — sprang toward his cellphone and tried to break it in two, according to Austrian police reports.