Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan coverage, among others. Given attack surface sprawl and evolving threats, many organizations are

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. “The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking applications and perform Device-Takeover Fraud (DTO) to initiate fraudulent […]

New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code. Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object […]

9 basic security tips for seniors

Before we get into the tips: a caveat. We know many seniors who are digitally more up to date than people 20 years younger, but for those who aren’t, this guide is for you. If you’re offended by the word seniors in the title, feel free to replace it with “computer illiterate people.” And keep […]

Malvertising: A stealthy precursor to infostealers and ransomware attacks

This article is based on research by Jérôme Segura, Senior Director of Threat Intelligence at Malwarebytes, who oversees data collection from spam feeds and telemetry to identify the most relevant threats. Malvertising, the practice of using online ads to spread malware, can have dire consequences—and the problem only seems to be growing. New research from the Malwarebytes […]

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED. “Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness of the device’s power LED,” researchers from the Ben-Gurion […]

Fake Super Mario 3 Installers Drop Crypto Miner, Data Stealer

By Deeba Ahmed Cyble Research and Intelligence Lab’s cybersecurity researchers have disclosed how threat actors exploit gamers by delivering malware-loaded installers of popular games. This is a post from HackRead.com Read the original post: Fake Super Mario 3 Installers Drop Crypto Miner, Data Stealer

Fintech’s Crucial Role in Reducing Cyber Threats 

By Owais Sultan Fintech can reduce cyber threats by implementing robust encryption and authentication measures, enhancing security protocols to safeguard financial transactions and customer data. This is a post from HackRead.com Read the original post: Fintech’s Crucial Role in Reducing Cyber Threats 

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy. Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called SeatBelt. JokerSky […]