Month: October 2023

Oct 31, 2023NewsroomCyber War / Malware The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. “Arid Viper’s Android malware has a number of features that enable the
Effective cybersecurity awareness training programs teach employees about the powerful roles they play in protecting their organizations from cyber attacks and keep them informed about the ever-changing threat landscape. Ineffective programs abound, however, with dull and outdated content failing to effectively engage users and, therefore, leaving organizations open to unnecessary cybersecurity risks. Most employees have
Oct 30, 2023The Hacker NewsWebinar / Web App Security Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file transfers – it’s almost impossible to imagine a world without them. However, they also introduce multiple attack vectors that exploit file uploads when working with public
More South Korean investors are putting money into Southeast Korea startups, creating an “investment corridor” between the two regions. The latest one is KIPSEA. Short for Korean Investment Partners Southeast Asia, KIPSEA has a Singapore-based team and just announced its first fund close of $60 million. Limited partners come from South Korea, Hong Kong and
Microsoft has described the Octo Tempest (aka Scattered Spider, 0ktapus, UNC3944) group as “one of the most dangerous financial criminal groups” operating today. In a lengthy analysis, the tech giant explained that the financial extortion group is unusual in comprising English-speaking threat actors, even though it has collaborated with the Russian-speaking ALPHV/BlackCat ransomware operation. “Historically,
Oct 27, 2023NewsroomCyber Attack / Malware The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and
Hello, ghouls and goblins, and welcome to this Halloween Weekend edition of Week in Review (WiR), TechCrunch’s weekly tech recap in newsletter form. For our U.S.-based readers (and this reporter), ’tis the time for mid-autumn merrymaking — time-tested traditions like jack-o’-lantern carving, costuming and apple picking. May we all make the most of it. In
Kenyan B2B e-commerce company MarketForce has shut down operations in three of its five markets in Africa and is in the early stages of launching a social commerce spinout. TechCrunch has learned that MarketForce’s super-app dubbed RejaReja, which enable informal retailers (mom-and-pop stores) to order fast moving consumer goods (FMCGs) order directly from distributors and
Oct 28, 2023NewsroomPrivacy / Data Security New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. “The attacker has issued several new TLS certificates using
What is a compliance officer? Compliance officers are employees tasked with ensuring a company follows its internal rules and best-practice policies while always complying with applicable external laws and government regulations. They apply their organizational and data management skills to identify regulatory risks, monitor company activity to confirm regulatory compliance, and then work closely with
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it’s essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal interest, as they
Cruise said Thursday evening it has paused all driverless operations, a decision that comes just two days after the California Department of Motor Vehicles suspended Cruise’s deployment and driverless testing permits effectively ending its robotaxi operations in the state. The action means that driverless operations in Austin, Houston and Phoenix where the company was charging
Oct 26, 2023NewsroomCyber Threat / Social Engineering The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described
Laurie Menoud Contributor With climate tech today, as during the clean tech boom, there is more public attention on sectors that resonate with consumers. Plastic alternatives or recycling, for instance, is the go-to thing for people who want to get into sustainability. This thinking is further supported by the Intergovernmental Panel on Climate Change (IPCC)
Cybersecurity is not a strategic priority for 35% of SMBs considering cloud migration, Amazon Web Services (AWS) has revealed. The cloud infrastructure giant surveyed more than 800 C-suite execs, VPs and directors from global SMBs to better understand their attitudes to cloud security and uncovered three misconceptions. These were: Security is an added cost rather than