A cybersecurity firm says a popular Android screen recording app that racked up tens of thousands of downloads on Google’s app store subsequently began spying on its users, including by stealing microphone recordings and other documents from the user’s phone. Research by ESET found that the Android app, “iRecorder — Screen Recorder,” introduced the malicious
India’s JioCinema broke the global record for the most concurrent views to a live streamed event on Monday, eclipsing a long-standing milestone set by Disney’s Hotstar, as the Asian tycoon Mukesh Ambani spares no expense in expanding his digital empire. The Indian streaming app, whose partner includes James Murdoch’s Bodhi Tree-backed Viacom18, surpassed the record
Smart contracts execute processes, transactions and other tasks when specific events, conditions and logic are met, depending on how they are programmed. Smart contracts are deployed on a blockchain, such as Ethereum or other distributed ledger infrastructure, where they listen for events and updates from cryptographically secure data feeds called oracles. These contracts often control
Perception Point has observed a 356% growth in the number of advanced phishing attacks attempted by threat actors in 2022. According to the company’s 2023 Annual Report: Cybersecurity Trends & Insights report, the total number of attacks increased by 87%. Among the reasons behind this growth is the fact that malicious actors continue to gain widespread
May 27, 2023Ravie LakshmananAPI Security / Vulnerability A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate
Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here. From cybersecurity to SaaS for restaurants, the key to running a successful business is selling a product that solves your clients’ real problems. —
A Chinese nation-state threat group is conducting intrusion and espionage campaigns against U.S. critical infrastructure entities, according to a new report by Microsoft. In a blog post Wednesday, Microsoft Threat Intelligence detailed the ongoing campaign that involves a group of Chinese state-sponsored hackers it tracks as “Volt Typhoon” that’s been active since 2021. Because the
New Russian-linked malware designed to take down electricity networks has been identified by Mandiant threat researchers, who have urged energy firms to take action to mitigate this “immediate threat.” The specialized operational technology (OT) malware, dubbed COSMICENERGY, has similarities to malware used in previous attacks targeting electricity grids, including the ‘Industroyer’ incident that took down
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. “It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility,” Trend Micro said in a
After sales software startup TigerEye closed its Series A and established a board of directors, its co-founders put them on notice: One thing we’d like to never do is the three-hour, too-in-the-weeds, non-strategic board meeting. “Every board deck I’ve made and seen is more than 80 pages long,” says Tracy Young, co-founder and CEO of
A smart contract is a type of blockchain application that performs transactions and other processes according to a set of rules defined within the program’s code. The contract executes automatically if its terms are met; it doesn’t depend on a person, institution or other third-party intermediary. Many people associate smart contracts with cryptocurrency platforms, where
OpenAI has expanded the availability of its ChatGPT app for iOS users in India and 32 other countries — just a week after its launching it in the U.S. The list of new countries include Algeria, Argentina, Azerbaijan, Bolivia, Brazil, Canada, Chile, Costa Rica, Ecuador, Estonia, Ghana, India, Iraq, Israel, Japan, Jordan, Kazakhstan, Kuwait, Lebanon,
South Korea’s economic model has for decades leaned on export-led manufacturing operated by family-owned corporate giants. A 2015 report from McKinsey outlined how the country would need small companies to drive an innovative model in preparation for the next phase of economic growth. “The key to fostering such innovation is a vibrant startup community. …
Small and medium-sized businesses (SMBs) are increasingly being targeted by advanced persistent threat (APT) actors globally, Proofpoint has found. In a new report published on May 24, 2023, the Proofpoint research team saw that state-aligned threat actors from Russia, Iran and North Korea were specifically targeting SMBs across the world in in phishing attacks conducted
May 25, 2023Ravie LakshmananFinancial Security / Cyber Threat A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. “The attackers can steal credentials and exfiltrate users’ data and personal information, which can be leveraged for malicious activities beyond financial gain,”