Cyber attack hits State Department in ‘possible serious breach’

Researchers Flag ‘FlixOnline’ as a Malicious Android Play Store App That Combines Social Engineering With WhatsApp Auto-Replies to Propagate Researchers have discovered new Android malware that uses Netflix as its lure and spreads malware via auto-replies to received WhatsApp messages. The discovery was reported to Google, and the malware – dubbed FlixOnline – has been removed from…

The Spanish National Police (Policía Nacional), supported by the Italian National Police (Polizia di Stato), Europol and Eurojust, dismantled an organised crime group linked to the Italian Mafia involved in online fraud, money laundering, drug trafficking and property crime. The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such…

How best to improve cybersecurity across the state will be the focus of a public hearing at the Massachusetts Statehouse this week. The Joint Committee on Advanced Information Technology, the Internet and Cybersecurity will hold the virtual hearing on Wednesday at 1 p.m. The hearing will be chaired by Sen. Barry Finegold of Andover and…

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried…

Industrial cybersecurity company Claroty has discovered a severe memory protection bypass vulnerability in Siemens programmable logic controllers (PLC) that could enable attackers to remain undetected while running code of their choice. Claroty has been able to achieve native code execution on the Siemens SIMATIC S7-1200 and S7-1500 PLC CPUs by bypassing the PLC sandbox within…

A serious vulnerability affecting the Linphone Session Initiation Protocol (SIP) client suite can allow malicious actors to remotely crash applications, industrial cybersecurity firm Claroty warned on Tuesday. SIP is a signaling protocol designed for initiating, maintaining and terminating communication sessions. The protocol is often used for voice, video, instant messaging, and other types of applications….