A Russia-based cybercriminal group targeted a large American auto manufacturer, more evidence of its shift to deep-pocketed victims the gang hopes will deliver a major payday. FIN7 - also known as Carbon Spider and Sangria Tempest - targeted employees with "high levels of administrative rights."
Likely Russian military intelligence hackers known as Sandworm have deployed a new and highly flexible backdoor against Eastern European targets since at least mid-2022, warned security researchers. Security firm WithSecure dubbed the backdoor Kapeka.
Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a command injection vulnerability present in its custom operating system after security researchers spotted a campaign to exploit the zero-day starting in March, likely from a state-backed threat actor.
Security researchers have discovered two critical vulnerabilities in the Hugging Face AI platform that exposed potential gaps for attackers seeking unauthorized access and manipulation of customer data and models. The risks highlight the security concerns about AI-as-a-service offerings.
Vietnamese financially motivated hackers are targeting businesses across Asia in a campaign to harvest corporate credentials and financial data for resale in online criminal markets. Researchers at Cisco Talos identified a cluster of hacking activity it tracks as CoralRaider.
Google addressed two zero-day vulnerabilities in Pixel mobile phones that forensic firms exploited to bypass PINs and access stored data on the device. The bugs allowed attackers to unlock and access Pixel's device memory with physical access.
Google is prototyping a method to stymie hackers who get around multifactor security by stealing authentication cookies from desktops. Google says its proposal for cryptographically tying authentication tokens to computers will succeed where previous attempts such as Token Binding failed.
Google says it will delete web browsing data generated by 136 million individuals who used the tech giant's Chrome browser in Incognito mode as part of a proposed settlement ending a class action lawsuit alleging the tech giant had misled consumers about privacy protections.
Hackers are using a new version of a backdoor to target Linux servers and gain and maintain access in what appears to be an espionage campaign, warn researchers from Kaspersky. The hallmark of DinodasRAT's strategy is its sophisticated victim identification and persistence mechanisms.
Python code repository PyPI temporarily halted new user registration for a second time in three months following a surge in malware-ridden code mimicking legitimate software packages. PyPI is not the only code repository to recently be attacked by hackers.
This week, Sam Bankman-Fried got 25 years, the U.S. sanctioned a Russian fintech, Coinbase can't get out of an SEC lawsuit, Munchables lost millions and had it returned, Curio and ParaSwap had smart contract problems, Hong Kong warned about crypto entities, and TRM Labs reported 2023 crypto trends.
A likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant. Rapid exploitation of newly patched flaws has become a hallmark of Chinese threat actors.
U.S. and allied cybersecurity agencies again warned the private sector to guard against Chinese state hackers who eschew malware to maintain access in favor of exploiting built-in system functions. Key preventative measures include maintaining a central logging database.
Security researchers say they've spotted a hacking campaign with a strong focus in Southeast Asia that could be the work of Chinese state hacking contractor iSoon, the company whose February internal data leak threw a spotlight on a network of private sector companies hacking on behalf of Beijing.
Hackers who are possibly members of a criminal group affiliated with numerous ransomware-as-a-service operations are exploiting a directory traversal vulnerability in a Python library that allows unauthenticated remote attackers access to sensitive information from server files.