New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is ready for exfiltration. The spyware can only be installed as a ‘System Update‘ app via third-party Android app stores as it was never available on Google’s Play Store. This drastically limits the number…
A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters. A National Security Council spokeswoman said no decision has been made on the final content of the executive order. The order could be released…
The trial of Derek Chauvin, the US police officer accused of killing George Floyd in May, has wide implications, Prof David Schultz, of Hamline University, says. He set out how he expected the prosecution and defence to outline their cases and told BBC World News: “It is always easy for people to say there is…
Beware of this malicious Android system update | IT Security News 29. March 2021 Cybersecurity firm Zimperium has uncovered a latest mobile security threat as a critical system update that is actually a sophisticated malware that steals data and conduct espionage on targeted smart phones. Zimperium zLabs says that the malware has capability of sending…
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned. The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is…
When DC Films’ Justice League was in post-production back in 2017, its director, Zack Snyder, had to stand down from the project for personal reasons. The film was completed, but with significant changes from Snyder’s original version, and it received almost universally bad reviews. Fans launched a massive internet campaign for Snyder’s version of the…
PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code | IT Security News 29. March 2021 In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.The two malicious…
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious app. The new malware disguises…
Facebook finally identifies the Chinese hackers that are targeting Uyghurs in the United States. The giant tech firm confirmed that these cybercriminals are secretly spying on the Uyghurs who are living abroad in Kazakhstan, Turkey, the U.S., and other countries. (Photo : Photo by Sean Gallup/Getty Images)A participant sits with a laptop computer as he…
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security…
