A source code flaw in the Google Play store platform could enable attackers to perform remote code execution for credential theft on several prominent apps, a new report by security firm Check Point Research finds.
The hacker-for-hire group DeathStalker, known for conducting espionage campaigns against small and medium-sized businesses, has started using a new malware strain called PowerPepper, according to a report from the security firm Kaspersky.
The top Republican and Democrat on the U.S. Senate Intelligence Committee have issued a warning about the national security threats posed by the Chinese government. The statement follows an opinion article published by DNI Director John Ratcliffe that called out China's cyber and other capabilities.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
Detecting "deepfake" images used by fraudsters is challenging, says Gartner Research analyst Avivah Litan, who describes key steps in the detection effort.
A hacking group recently deployed cryptocurrency miners within targeted victims' networks to distract security teams from their cyberespionage campaigns, Microsoft reports.
This edition of the ISMG Security Report features an analysis of a serious Apple iOS "zero-click exploit" that could have allowed hackers to remotely gain complete control of a device. Also featured: a discussion of identity proofing challenges and a review of New Zealand's updated Privacy Act.
Trickbot malware has been updated with a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities, according to a report from the security firms Eclypsium and Advanced Intelligence. These flaws, if exploited, can give an attacker the ability to brick a device.
CISA, citing a new report by IBM, is warning organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain. Many vaccines in development must be kept at low temperatures before being administered.
It's not yet clear what action the state of Kerala will take now that it has abruptly withdrawn Section 118A of the Kerala Police Act, which was intended to help prevent social media abuses, including attacks on women and children.
Social media poses special risks for minors. Data scientist David Stier, who has discovered leaks of minors' personally identifiable information on Instagram, shares insights on how social media companies should better protect PII.
Interpol the international law enforcement organization, is warning of a potential surge in organized crime activity tied to COVID-19 vaccines. The alert follows recent reports of spikes in alleged cyberattacks by suspected North Korean hackers against companies working on vaccines and treatments.
An enterprise's cross-functional groups responsible for the business growth and brand reputation should be held equally accountable for cybersecurity. That's the view of a CISO and a CTO who participated in a fireside chat at ISMG's recent Virtual Cybersecurity Summit.
Fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the FBI warns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.