Category Security

Oct 08, 2024Ravie LakshmananCyber Threat / APT Attack Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. “The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the…

Cyber-enabled fraud resulted in up to $37bn in losses for victims in East and Southeast Asia in 2023, with governments left unable to contain these threats, a United Nations (UN) report has warned. The analysis by the United Nations Office…

Oct 08, 2024Ravie LakshmananCyber Attack / Malware A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets.…

US money transfer giant MoneyGram has confirmed to customers that their personal information (PII) may have been stolen in a data breach incident. The firm posted a notice on its website yesterday following several days of speculation as to what…

Ukraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters. The incident took place on the night of October 7, VGTRK confirmed, describing it…

Oct 08, 2024Ravie LakshmananMobile Security / Privacy Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as…

The EU has been urged by a leading risk managers association to make cyber incident reporting requirements more consistent ahead of new legislation coming into force. The Federation of European Risk Management Associations (FERMA) said in a new report that…

The UK’s Information Commissioner’s Office (ICO) has published a new audit framework to help businesses comply with data protection rules. The framework, which is an extension of the ICO’s existing Accountability Framework, provides nine distinct toolkits for areas that are…

Oct 07, 2024Ravie LakshmananCybersecurity / Mobile Security Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection…

A new series of attacks targeting air-gapped systems at governmental organizations has been attributed to the advanced persistent threat (APT) group GoldenJackal. The cyber-espionage campaign, spanning May 2022 to March 2024 and discovered by ESET researchers, used a range of…