Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for Gravy Analytics leak ...

 Privacy

Our smartphones and other devices collect and then transmit massive amounts of data about us to dozens, maybe hundreds, of third-party companies every single day. This includes our location information, and the market for such information is huge. Naturally enough, the buying and selling goes on without our knowledge,   show more ...

creating obscure risks to our privacy. The recent hack of location data broker Gravy Analytics clearly illustrates the potential pitfalls of such practices. This post analyzes how data brokers operate, and what can happen if the information they collect leaks. We also give tips on what you can do to protect your location data. What location data brokers are Data brokers are companies that collect, process, and sell information about users. They get this information from mobile apps, online ad networks, online analytics systems, telecom operators, and a host of other sources from smart-home devices to cars. In theory, this data is only collected for analytics and targeted advertising. In practice, however, there are often no restrictions on usage, and seemingly anyone can buy it. So, out there in the real world, your data can be used for pretty much any purpose. For example, an investigation last year revealed that commercial data brokers — directly or through intermediaries — may even serve government intelligence agencies. Data brokers collect all kinds of user information, of which one of the most important and sensitive categories is location data. Its so in demand, in fact, that besides more generalized data brokers, firms exist that focus on it specifically. Those are the location-data brokers — organizations that specialize in collecting and selling information about user location. One of the major players in this segment is U.S. location tracking firm Gravy Analytics, which merged with Norways Unacast in 2023. The Gravy Analytics data leak In January 2025, news broke of a data leak at Gravy Analytics. At first it was confined to unofficial reports based on a post that appeared on a private Russian-language hacker forum. The poster claimed to have hacked Gravy Analytics and stolen the location data of millions of users, providing screenshots of the data trove as proof. It wasnt long before official confirmation came through. Under Norwegian law, Gravy Analytics parent, Unacast, was legally required to notify the national regulator. The companys statement reported that on January 4, an unauthorized individual gained access to Gravy Analytics AWS cloud storage environment through a misappropriated access key. The intruder obtained certain files, which could contain personal data. Analysis of the data Gravy Analytics leaked Unacast and Gravy Analytics were in no hurry to specify what data could have been compromised. However, within a few days, an independent security researcher published their own in-depth analysis of the leaked information based on a sample of the stolen data theyd been able to obtain. The Gravy Analytics leak included the location data of users worldwide. Source It turned out that the Gravy Analytics hack did indeed leak a gigantic set of location data of users worldwide — from Russia to the United States. The fragment analyzed by the researcher was 1.4GB in size, and consisted of around 30 million records — mostly collected in the first days of January 2025. Meanwhile, the hacker claimed the stolen database is 10TB, meaning it could potentially contain over 200 billion records! This data was collected by mobile apps and acquired by Gravy Analytics to be aggregated and subsequently sold to clients. As the analysis of the leak showed, the list of apps used to collect location data runs into the thousands. For example, the sample studied contained data collected from 3455 Android apps — including dating apps. UK-based Tinder users location data is an example of what can be found in the data leaked from Gravy Analytics. Source Tracking and deanonymizing users with the Gravy Analytics leak data Whats most unpleasant about the Gravy Analytics hack is that the leaked database is linked to advertising IDs: IDFA for iOS and AAID for Android devices. In many cases, this makes it possible to track users movements over time. Here, for instance, is a map of such movements in the vicinity of the White House in Washington, D.C. (remember that this visualization uses only a small sample of the stolen data; the full database contains a lot more): Data in the Gravy Analytics leak linked to advertising IDs can be used to track users movements over time. Source Worse yet, some data can be deanonymized. For example, the researcher was able to track the movements of a user who visited the Blue Origin launch pad: An example of user deanonymization using location data leaked from Gravy Analytics. Source Another example: the researcher was able to track a users movements from the Columbus Circle landmark in Manhattan, New York City, to his home in Tennessee, and then to his parents house the next day. Based solely on OSINT data, the researcher learned a great deal about this individual, including their mothers name and the fact that their late father was a U.S. Air Force veteran. Another example of user deanonymization using location data leaked from Gravy Analytics. Source The Gravy Analytics data breach demonstrates the serious risks associated with the data broker industry, and location data brokers in particular. As a result of the hack, a huge volume of user location records collected by mobile apps spilled out into the public domain. This data makes it possible to track the movements of a great many people with fairly high accuracy. And even though the leaked database doesnt contain direct personal identifiers such as first and last names, ID numbers, addresses, or phone numbers, the linkage to advertising IDs can in many cases lead to deanonymization. So, based on various quasi-identifiers, its possible to establish a users identity, find out where they live and work, as well as trace their social connections. How to protect your location data? Unfortunately, collecting user location data is now such a widespread practice that theres no easy answer to this question. Alas, theres no switch you can simply flick to stop all the internet companies worldwide harvesting your data. That said, you can at least minimize the amount of information about your location that falls into the hands of data brokers. Heres how: Be strict with apps asking for access to location data. Often, theyll work just fine without it — so unless theres a compelling reason for the app to know your location, just say no. Carefully configure privacy in apps that genuinely need your geolocation to function. For example, see our guides to configuring all the most popular running apps. Dont allow apps to track your location in the background. When granting permissions, always select the Only while using the app option. Uninstall apps you no longer use. In general, try to keep the number of apps on your smartphone to a minimum — this will reduce the number of potential data collectors on your device. If you use Apple iOS, iPadOS, or tvOS devices, opt out of app tracking. This will prevent data collected on you from being deanonymized. If you use Android, delete your devices advertising ID. If this option is unavailable in your OS version, reset the advertising ID regularly. Install a robust security solution capable of blocking ad-tracking on all your devices. For more tips on how to put the brakes on generalized data brokers collecting information on you, see our post Advertisers sharing data about you with… intelligence agencies.

image for How Phished Data Tur ...

 A Little Sunshine

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from   show more ...

cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. An image from one Chinese phishing group’s Telegram channel shows various toll road phish kits available. If you own a mobile phone, the chances are excellent that at some point in the past two years it has received at least one phishing message that spoofs the U.S. Postal Service to supposedly collect some outstanding delivery fee, or an SMS that pretends to be a local toll road operator warning of a delinquent toll fee. These messages are being sent through sophisticated phishing kits sold by several cybercriminals based in mainland China. And they are not traditional SMS phishing or “smishing” messages, as they bypass the mobile networks entirely. Rather, the missives are sent through the Apple iMessage service and through RCS, the functionally equivalent technology on Google phones. People who enter their payment card data at one of these sites will be told their financial institution needs to verify the small transaction by sending a one-time passcode to the customer’s mobile device. In reality, that code will be sent by the victim’s financial institution to verify that the user indeed wishes to link their card information to a mobile wallet. If the victim then provides that one-time code, the phishers will link the card data to a new mobile wallet from Apple or Google, loading the wallet onto a mobile phone that the scammers control. CARDING REINVENTED Ford Merrill works in security research at SecAlliance, a CSIS Security Group company. Merrill has been studying the evolution of several China-based smishing gangs, and found that most of them feature helpful and informative video tutorials in their sales accounts on Telegram. Those videos show the thieves are loading multiple stolen digital wallets on a single mobile device, and then selling those phones in bulk for hundreds of dollars apiece. “Who says carding is dead?,” said Merrill, who presented about his findings at the M3AAWG security conference in Lisbon earlier today. “This is the best mag stripe cloning device ever. This threat actor is saying you need to buy at least 10 phones, and they’ll air ship them to you.” One promotional video shows stacks of milk crates stuffed full of phones for sale. A closer inspection reveals that each phone is affixed with a handwritten notation that typically references the date its mobile wallets were added, the number of wallets on the device, and the initials of the seller. An image from the Telegram channel for a popular Chinese smishing kit vendor shows 10 mobile phones for sale, each loaded with 4-6 digital wallets from different UK financial institutions. Merrill said one common way criminal groups in China are cashing out with these stolen mobile wallets involves setting up fake e-commerce businesses on Stripe or Zelle and running transactions through those entities — often for amounts totaling between $100 and $500. Merrill said that when these phishing groups first began operating in earnest two years ago, they would wait between 60 to 90 days before selling the phones or using them for fraud. But these days that waiting period is more like just seven to ten days, he said. “When they first installed this, the actors were very patient,” he said. “Nowadays, they only wait like 10 days before [the wallets] are hit hard and fast.” GHOST TAP Criminals also can cash out mobile wallets by obtaining real point-of-sale terminals and using tap-to-pay on phone after phone. But they also offer a more cutting-edge mobile fraud technology: Merrill found that at least one of the Chinese phishing groups sells an Android app called “ZNFC” that can relay a valid NFC transaction to anywhere in the world. The user simply waves their phone at a local payment terminal that accepts Apple or Google pay, and the app relays an NFC transaction over the Internet from a phone in China. “The software can work from anywhere in the world,” Merrill said. “These guys provide the software for $500 a month, and it can relay both NFC enabled tap-to-pay as well as any digital wallet. The even have 24-hour support.” The rise of so-called “ghost tap” mobile software was first documented in November 2024 by security experts at ThreatFabric. Andy Chandler, the company’s chief commercial officer, said their researchers have since identified a number of criminal groups from different regions of the world latching on to this scheme. Chandler said those include organized crime gangs in Europe that are using similar mobile wallet and NFC attacks to take money out of ATMs made to work with smartphones. “No one is talking about it, but we’re now seeing ten different methodologies using the same modus operandi, and none of them are doing it the same,” Chandler said. “This is much bigger than the banks are prepared to say.” A November 2024 story in the Singapore daily The Straits Times reported authorities there arrested three foreign men who were recruited in their home countries via social messaging platforms, and given ghost tap apps with which to purchase expensive items from retailers, including mobile phones, jewelry, and gold bars. “Since Nov 4, at least 10 victims who had fallen for e-commerce scams have reported unauthorised transactions totaling more than $100,000 on their credit cards for purchases such as electronic products, like iPhones and chargers, and jewelry in Singapore,” The Straits Times wrote, noting that in another case with a similar modus operandi, the police arrested a Malaysian man and woman on Nov 8. Three individuals charged with using ghost tap software at an electronics store in Singapore. Image: The Straits Times. ADVANCED PHISHING TECHNIQUES According to Merrill, the phishing pages that spoof the USPS and various toll road operators are powered by several innovations designed to maximize the extraction of victim data. For example, a would-be smishing victim might enter their personal and financial information, but then decide the whole thing is scam before actually submitting the data. In this case, anything typed into the data fields of the phishing page will be captured in real time, regardless of whether the visitor actually clicks the “submit” button. Merrill said people who submit payment card data to these phishing sites often are then told their card can’t be processed, and urged to use a different card. This technique, he said, sometimes allows the phishers to steal more than one mobile wallet per victim. Many phishing websites expose victim data by storing the stolen information directly on the phishing domain. But Merrill said these Chinese phishing kits will forward all victim data to a back-end database operated by the phishing kit vendors. That way, even when the smishing sites get taken down for fraud, the stolen data is still safe and secure. Another important innovation is the use of mass-created Apple and Google user accounts through which these phishers send their spam messages. One of the Chinese phishing groups posted images on their Telegram sales channels showing how these robot Apple and Google accounts are loaded onto Apple and Google phones, and arranged snugly next to each other in an expansive, multi-tiered rack that sits directly in front of the phishing service operator. The ashtray says: You’ve been phishing all night. In other words, the smishing websites are powered by real human operators as long as new messages are being sent. Merrill said the criminals appear to send only a few dozen messages at a time, likely because completing the scam takes manual work by the human operators in China. After all, most one-time codes used for mobile wallet provisioning are generally only good for a few minutes before they expire. Notably, none of the phishing sites spoofing the toll operators or postal services will load in a regular Web browser; they will only render if they detect that a visitor is coming from a mobile device. “One of the reasons they want you to be on a mobile device is they want you to be on the same device that is going to receive the one-time code,” Merrill said. “They also want to minimize the chances you will leave. And if they want to get that mobile tokenization and grab your one-time code, they need a live operator.” Merrill found the Chinese phishing kits feature another innovation that makes it simple for customers to turn stolen card details into a mobile wallet: They programmatically take the card data supplied by the phishing victim and convert it into a digital image of a real payment card that matches that victim’s financial institution. That way, attempting to enroll a stolen card into Apple Pay, for example, becomes as easy as scanning the fabricated card image with an iPhone. An ad from a Chinese SMS phishing group’s Telegram channel showing how the service converts stolen card data into an image of the stolen card. “The phone isn’t smart enough to know whether it’s a real card or just an image,” Merrill said. “So it scans the card into Apple Pay, which says okay we need to verify that you’re the owner of the card by sending a one-time code.” PROFITS How profitable are these mobile phishing kits? The best guess so far comes from data gathered by other security researchers who’ve been tracking these advanced Chinese phishing vendors. In August 2023, the security firm Resecurity discovered a vulnerability in one popular Chinese phish kit vendor’s platform that exposed the personal and financial data of phishing victims. Resecurity dubbed the group the Smishing Triad, and found the gang had harvested 108,044 payment cards across 31 phishing domains (3,485 cards per domain). In August 2024, security researcher Grant Smith gave a presentation at the DEFCON security conference about tracking down the Smishing Triad after scammers spoofing the U.S. Postal Service duped his wife. By identifying a different vulnerability in the gang’s phishing kit, Smith said he was able to see that people entered 438,669 unique credit cards in 1,133 phishing domains (387 cards per domain). Based on his research, Merrill said it’s reasonable to expect between $100 and $500 in losses on each card that is turned into a mobile wallet. Merrill said they observed nearly 33,000 unique domains tied to these Chinese smishing groups during the year between the publication of Resecurity’s research and Smith’s DEFCON talk. Using a median number of 1,935 cards per domain and a conservative loss of $250 per card, that comes out to about $15 billion in fraudulent charges over a year. Merrill was reluctant to say whether he’d identified additional security vulnerabilities in any of the phishing kits sold by the Chinese groups, noting that the phishers quickly fixed the vulnerabilities that were detailed publicly by Resecurity and Smith. FIGHTING BACK Adoption of touchless payments took off in the United States after the Coronavirus pandemic emerged, and many financial institutions in the United States were eager to make it simple for customers to link payment cards to mobile wallets. Thus, the authentication requirement for doing so defaulted to sending the customer a one-time code via SMS. Experts say the continued reliance on one-time codes for onboarding mobile wallets has fostered this new wave of carding. KrebsOnSecurity interviewed a security executive from a large European financial institution who spoke on condition of anonymity because they were not authorized to speak to the press. That expert said the lag between the phishing of victim card data and its eventual use for fraud has left many financial institutions struggling to correlate the causes of their losses. “That’s part of why the industry as a whole has been caught by surprise,” the expert said. “A lot of people are asking, how this is possible now that we’ve tokenized a plaintext process. We’ve never seen the volume of sending and people responding that we’re seeing with these phishers.” To improve the security of digital wallet provisioning, some banks in Europe and Asia require customers to log in to the bank’s mobile app before they can link a digital wallet to their device. Addressing the ghost tap threat may require updates to contactless payment terminals, to better identify NFC transactions that are being relayed from another device. But experts say it’s unrealistic to expect retailers will be eager to replace existing payment terminals before their expected lifespans expire. And of course Apple and Google have an increased role to play as well, given that their accounts are being created en masse and used to blast out these smishing messages. Both companies could easily tell which of their devices suddenly have 7-10 different mobile wallets added from 7-10 different people around the world. They could also recommend that financial institutions use more secure authentication methods for mobile wallet provisioning. Neither Apple nor Google responded to requests for comment on this story.

 Feed

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. "This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP's configuration and cause the MFP

 Feed

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that's capable of stealing sensitive payment information from online shopping sites. The attacks are known to

 Feed

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake

 Feed

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3. "An Authentication Bypass Using an Alternate Path or

 Feed

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks. Yes, adversaries are definitely continuing to innovate, and while AI will certainly start playing a

 Feed

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be a subset within the APT41

 Feed

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 - The OpenSSH client

 Feed

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,

 AI

In episode 38 of "The AI Fix", our hosts discover a robot they actually like, Sam Altman teases GPT-5 and trolls Elon Musk, a robot dog grows arms, an AI compliments Graham, Mark worries about "gradual disempowerment", an octopus pretends to be a glove, and a listener reveals an entirely new reason to   show more ...

worry about AI. Graham's plan to make his fortune is scuppered by an AI with opinions on time travel, and Mark investigates an intriguing question about a six-fingered glove. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.

 1 - Cyber Security News Post

Source: hackread.com – Author: Waqas. Researchers earned a $50,500 Bug Bounty after uncovering a critical supply chain flaw in a newly acquired firm, highlighting security risks in business acquisitions. Two cybersecurity researchers have walked away with a $50,500 bug bounty after finding a critical   show more ...

vulnerability in a major company’s software supply chain. The exploit targeted […] La entrada Duo Wins $50K Bug Bounty for Supply Chain Flaw in Newly Acquired Firm – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Owais Sultan. People around the world learned about the latest advancements in the American space industry! This was made possible by Holiverse, a decentralized digital platform built on the Polygon blockchain, which organized a live broadcast on February 8 from NASA’s Kennedy   show more ...

Space Center (Florida, USA), covering the event dedicated to the […] La entrada Holiverse Makes NASA’s Latest Achievements Accessible to Everyone – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Deeba Ahmed. The new Golang backdoor uses Telegram for command and control. Netskope discovers malware that exploits Telegram’s API for malicious purposes. Learn how this threat works and how to protect yourself.   Cybersecurity researchers at Netskope have discovered a new,   show more ...

functional, but possibly still-in-development, Golang-based backdoor that uses Telegram for command […] La entrada Hackers Exploit Telegram API to Spread New Golang Backdoor – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Owais Sultan. SOC challenges like alert fatigue, skill shortages and slow response impact cybersecurity. AI-driven solutions enhance SOC efficiency, automation and threat detection. In the latest technological era, SOCs which stands for Security Operations Centers play a prominent   show more ...

role in organizational protection. It protects organizations from cyber-attacks and threats. However, there […] La entrada 10 Key SOC Challenges and How AI Addresses Them – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Deeba Ahmed. Two Estonian nationals plead guilty to a $577M cryptocurrency Ponzi scheme through HashFlare, defrauding hundreds of thousands globally. They face 20 years in prison and forfeit $400M in assets. The US Department of Justice (DoJ) has confirmed that two Estonian   show more ...

nationals have admitted guilt in a large-scale cryptocurrency fraud […] La entrada HashFlare Fraud: Two Estonians Admit to Running $577M Crypto Scam – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: www.hackerone.com – Author: kwhite. Twenty-one years old. Full-time college student. Mountain biker. Bounty hunter. That’s Gerben Janssen van Doorn, who goes by Gerben_Javado and is ranked ninth on HackerOne’s hacker reputation. He’s found more than 400 bugs and made $2,000 in the past month alone   show more ...

(and that’s just on public bugs). Gerben’s current bounty […] La entrada Hacker Q&A with Gerben_Javado: To Share Knowledge is to Gain Knowledge – Source:www.hackerone.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: www.hackerone.com – Author: johnk. Most hackers remember their first bug. For Jack Cable (@CableJ), it was discovering he could send negative amounts of money to other bank account holders at a financial institution, effectively stealing money from their accounts. He disclosed this to the company at the   show more ...

time and they awarded him a bounty. […] La entrada Interview with Hack the Air Force Winner, @CableJ – Source:www.hackerone.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Simon Sharwood Indian authorities seize loot from BitConnect crypto-Ponzi scheme Devices containing crypto wallets tracked online, then in the real world India’s Directorate of Enforcement has found and seized over $200 million of loot it says are the proceeds of the   show more ...

BitConnect crypto-fraud scheme. BitConnect claimed it developed a bot capable […] La entrada Indian authorities seize loot from collapsed BitConnect crypto scam – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Connor Jones Microsoft says there’s a new variant of XCSSET on the prowl for Mac users – the first new iteration of the malware since 2022. XCSSET has been seen in limited attacks thus far, but Apple devs should be especially vigilant since the main infection vector   show more ...

is via Xcode projects. […] La entrada XCSSET macOS malware returns with first new version since 2022 – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

In the spirit of “Spotify Wrapped,” dive into the achievements of the SWE Mentoring Committee by the numbers over the past year! Source Views: 0 La entrada SWE Mentoring Committee Wrapped: Data and Impact From FY24 se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Each month throughout the year, we spotlight a SWE Affinity Group. This month, we are excited to highlight the SWE Members in Small Businesses AG. Source Views: 0 La entrada Exploring SWE Affinity Groups: SWE Members in Small Businesses se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: The days when Apple devices were thought to be immune to malware are over, as new malicious campaigns are now targeting macOS. In a new February 18 report, Proofpoint uncovered a brand-new infostealer targeting macOS, FrigidStealer. This malware is deployed in   show more ...

campaigns involving TA569, a prolific threat actor primarily known for […] La entrada Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Written by A leading stock research and analysis firm appears to have been breached for the third time in just four years, with details from 12 million accounts published on the dark web. Published on BreachForums at the end of last month by a user with the   show more ...

moniker “Jurak,” the trove […] La entrada Zacks Investment Research Breach Hits 12 Million – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: A pro-Russia hacker group, NoName057(16), has launched a wave of DDoS (distributed denial-of-service) attacks targeting key Italian organizations.  Early on Monday, the group disrupted the websites of major airports in Milan, including Linate and Malpensa, as   show more ...

well as the Transport Authority, the Intesa San Paolo bank and the ports of Taranto and […] La entrada Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: South Korea has suspended new downloads of the Chinese AI chatbot DeepSeek as it undergoes scrutiny for non-compliance with the country’s data protection laws. The Personal Information Protection Commission (PIPC) announced the suspension on February 15, citing   show more ...

deficiencies in the app’s communication features and data processing practices. The app, which surged […] La entrada South Korea Suspends Downloads of AI Chatbot DeepSeek – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: www.infosecurity-magazine.com – Author: MacOS malware XCSSET is reportedly re-emerging under a new variant, according to Microsoft. In a new social media post published on February 17, Microsoft Threat Intelligence said it had detected a new variant of XCSSET. This sophisticated modular malware targets   show more ...

users by infecting Xcode projects, Apple’s integrated development environment (IDE) for […] La entrada Microsoft Detects New XCSSET MacOS Malware Variant – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: www.hackerone.com – Author: siebejan. Opening your database to the world is a scary thought! But that’s exactly what we wanted to do by implementing a GraphQL endpoint. Feeling stuck with the classic REST-ish JSON API, there were a multitude of problems that we were looking to get rid of. Not being   show more ...

able to reuse […] La entrada The $30,000 Gem: Part 1 – Source:www.hackerone.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2025-02
Aggregator history
Tuesday, February 18
SAT
SUN
MON
TUE
WED
THU
FRI
FebruaryMarchApril