reader comments 85 with 63 posters participating, including story author Share this story Open source packages downloaded an estimated 30,000 times from the PyPI open source repository contained malicious code that surreptitiously stole credit card data and login credentials and injected malicious code on infected machines, researchers said on Thursday. In a post, researchers Andrey… Read More »
reader comments 37 with 30 posters participating, including story author Share this story Recently detected Android malware, some spread through the Google Play Store, uses a novel way to supercharge the harvesting of login credentials from more than 100 banking and cryptocurrency applications. The malware, which researchers from Amsterdam-based security firm ThreatFabric are calling Vultur,… Read More »
reader comments 59 with 43 posters participating Share this story Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity… Read More »
Getty Images reader comments 34 with 29 posters participating Share this story July has so far ushered in at least two new ransomware groups. Or maybe they’re old ones undergoing a rebranding. Researchers are in the process of running down several different theories. Both groups say they are aiming for big-game targets, meaning corporations or… Read More »
reader comments 62 with 41 posters participating Share this story Privacy tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them. The Ontario, Canada-based company said… Read More »
Getty Images reader comments 124 with 78 posters participating Share this story Venmo, the popular mobile payment service, has redesigned its app. That’s normally news you could safely ignore, but this announcement is worth a closer look. In addition to making some navigational tweaks and adding new purchase protections, the PayPal-owned platform is finally shutting… Read More »
Enlarge / A report this week indicates that the problem of high-caliber spyware is far more widespread than previously feared. reader comments 74 with 54 posters participating Share this story The shadowy world of private spyware has long caused alarm in cybersecurity circles, as authoritarian governments have repeatedly been caught targeting the smartphones of activists,… Read More »
reader comments 49 with 37 posters participating Share this story Kaseya—the remote management software seller at the center of a ransomware operation that struck as many as 1,500 downstream networks—said it has obtained a decryptor that should successfully restore data encrypted during the Fourth of July weekend attack. Affiliates of REvil, one of the Internet’s… Read More »
reader comments 122 with 83 posters participating Share this story China state hackers are compromising large numbers of home and office routers for use in a vast and ongoing attack against organizations in France, authorities from that county said. The hacking group—known in security circles as APT31, Zirconium, Panda, and other names—has historically conducted espionage… Read More »
reader comments 116 with 71 posters participating Share this story The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources. As operating systems and applications become harder to hack, successful… Read More »