Pulse Connect Secure Security Update
blog.pulsesecure.net/pulse-connect-secure-security-update/ The Pulse Secure team recently discovered that a limited number of customers have experienced evidence of exploit behavior on their Pulse Connect Secure (PCS) appliances. We are sharing information about the investigation and our actions through several communications channels in the best interests of our customers and the greater security community. Lisäksi:
Japanese police say Tick APT is linked to Chinese military
therecord.media/japanese-police-say-tick-apt-is-linked-to-chinese-military/ Japanese law enforcement believes a group of hackers linked to the Chinese military are behind a broad cyber-espionage campaign that has breached more than 200 Japanese companies and organizations since at least 2016.
Remote code execution vulnerabilities uncovered in smart air fryer
www.zdnet.com/article/remote-code-execution-vulnerabilities-uncovered-in-smart-air-fryer In another example of how connectivity can impact our home security, researchers have disclosed two remote code execution (RCE) vulnerabilities in a smart air fryer.
Fake Microsoft Store, Spotify sites spread info-stealing malware
www.bleepingcomputer.com/news/security/fake-microsoft-store-spotify-sites-spread-info-stealing-malware/ Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers. The attack was discovered by cybersecurity firm ESET who issued a warning yesterday on Twitter to be on the lookout for the malicious campaign.
Internal Facebook email reveals intent to frame data scraping as normalized, broad industry issue’
www.zdnet.com/article/facebook-internal-email-reveals-intent-to-frame-data-scraping-as-broad-industry-issue-and-normalized An internal email accidentally leaked by Facebook to a journalist has revealed the firm’s intentions to frame a recent data scraping incident as “normalized” and a “broad industry issue.”
Over 750, 000 Users Downloaded New Billing Fraud Apps From Google Play Store
thehackernews.com/2021/04/over-750000-users-download-new-billing.html Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud. The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700, 000 downloads before they were discovered and removed from the platform. Lisäksi:
The Incredible Rise of North Korea’s Hacking Army
www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army The country’s cyber forces have raked in billions of dollars for the regime by pulling off schemes ranging from A.T.M. heists to cryptocurrency thefts. Can they be stopped?
IntelBrief: QAnon A U.S. National Security Threat Amplified by Foreign-Based Actors
thesoufancenter.org/intelbrief-2021-april-20/ In testimony last week to the United States Senate Intelligence Committee, FBI Director Christopher Wray highlighted the continuing national security threat posed by adherents of the QAnon conspiracy theory.