Category: Cyber Security

Mar 06, 2024NewsroomPrivacy / Spyware The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing” commercial spyware designed to target government officials, journalists, and policy experts in the country. “The proliferation of commercial spyware poses […]

Japanese cybersecurity officials warned that North Korea’s infamous Lazarus Group hacking team recently waged a supply chain attack targeting the PyPI software repository for Python apps. Threat actors uploaded tainted packages with names such as “pycryptoenv” and “pycryptoconf” — similar in name to the legitimate “pycrypto” encryption toolkit for Python. Developers who get tricked into […]

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the attacks is tracked as CVE-2023-6000, a cross-site scripting (XSS) vulnerability impacting Popup Builder versions 4.2.3 and older, which was initially disclosed in November 2023. A Balada […]

Mar 06, 2024The Hacker NewsData Security / Cloud Security Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn’t anyone’s fault; it’s inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally. For Security & Risk Management teams, […]

The US National Security Agency (NSA) delivered its guidelines for zero-trust network security this week, offering a more concrete roadmap towards zero-trust adoption. It’s an important effort to try to bridge the gap between desire for and implementation of the concept. As businesses shift more workloads to the cloud, zero trust computing strategies have moved […]

The U.S. Department of Justice (DoJ) has announced the unsealing of an indictment against Linwei (Leon) Ding, 38, a former software engineer at Google, suspected of stealing Google AI trade secrets for Chinese companies. The charges allege that Ding stole proprietary information about Google’s artificial intelligence (AI) technologies and transferred it to two companies based in China, […]

Mar 07, 2024NewsroomMalware / Network Security Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023. “The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, […]