A cybersecurity firm says a popular Android screen recording app that racked up tens of thousands of downloads on Google’s app store subsequently began spying on its users, including by stealing microphone recordings and other documents from the user’s phone. Research by ESET found that the Android app, “iRecorder — Screen Recorder,” introduced the malicious
India’s JioCinema broke the global record for the most concurrent views to a live streamed event on Monday, eclipsing a long-standing milestone set by Disney’s Hotstar, as the Asian tycoon Mukesh Ambani spares no expense in expanding his digital empire. The Indian streaming app, whose partner includes James Murdoch’s Bodhi Tree-backed Viacom18, surpassed the record
Unit 42, Palo Alto Networks threat research team, has found new malicious activity targeting IoT devices, using a variant of Mirai, a piece of malware that turns networked devices running Linux, typically small IoT devices, into remotely controlled bots that can be used in large-scale network attacks. Dubbed IZ1H9, this variant was first discovered in
May 29, 2023Ravie LakshmananCyber Threat / Malware A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month.
Jensen Huang wants to bring generative AI to every data center, the Nvidia co-founder and CEO said during Computex in Taipei today. During the speech, Huang’s first public speech in almost four years he said, he made a slew of announcements, including chip release dates, its DGX GH200 super computer and partnerships with major companies.
Techstars’ Kerty Levy knows a thing or two about where seed funding is, and where it might be going, in the Northeast. During a presentation at TechCrunch’s Early Stage in Boston last month, Levy took a brief look at deal counts and valuations before exploring in more depth what the obstacles to funding are right
Smart contracts execute processes, transactions and other tasks when specific events, conditions and logic are met, depending on how they are programmed. Smart contracts are deployed on a blockchain, such as Ethereum or other distributed ledger infrastructure, where they listen for events and updates from cryptographically secure data feeds called oracles. These contracts often control
Perception Point has observed a 356% growth in the number of advanced phishing attacks attempted by threat actors in 2022. According to the company’s 2023 Annual Report: Cybersecurity Trends & Insights report, the total number of attacks increased by 87%. Among the reasons behind this growth is the fact that malicious actors continue to gain widespread
May 27, 2023Ravie LakshmananAPI Security / Vulnerability A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate
Welcome, folks, to Week in Review (WiR), TechCrunch’s regular column that rounds up the week in tech news. Dunno about y’all, but it’s felt like a long one — and I’m thankful for the extended weekend. For those observing Memorial Day, do enjoy. Those not, take the time off where you’re able. We all need
Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here. From cybersecurity to SaaS for restaurants, the key to running a successful business is selling a product that solves your clients’ real problems. —
A Chinese nation-state threat group is conducting intrusion and espionage campaigns against U.S. critical infrastructure entities, according to a new report by Microsoft. In a blog post Wednesday, Microsoft Threat Intelligence detailed the ongoing campaign that involves a group of Chinese state-sponsored hackers it tracks as “Volt Typhoon” that’s been active since 2021. Because the
New Russian-linked malware designed to take down electricity networks has been identified by Mandiant threat researchers, who have urged energy firms to take action to mitigate this “immediate threat.” The specialized operational technology (OT) malware, dubbed COSMICENERGY, has similarities to malware used in previous attacks targeting electricity grids, including the ‘Industroyer’ incident that took down
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. “It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility,” Trend Micro said in a
This week, Worldcoin, an outfit that aims to serve as proof of personhood in a world where it’s harder by the day to distinguish a human from a bot, raised $115 million in Series C funding. Led by the 10-year-old venture firm Blockchain Capital, whose bets have included Coinbase, Kraken and OpenSea, the investment brings
After sales software startup TigerEye closed its Series A and established a board of directors, its co-founders put them on notice: One thing we’d like to never do is the three-hour, too-in-the-weeds, non-strategic board meeting. “Every board deck I’ve made and seen is more than 80 pages long,” says Tracy Young, co-founder and CEO of
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families In this blogpost we examine the operation of AceCryptor, originally documented by Avast. This cryptor has been around since 2016 and because – throughout its existence – it has been used to pack tens of malware families,
A smart contract is a type of blockchain application that performs transactions and other processes according to a set of rules defined within the program’s code. The contract executes automatically if its terms are met; it doesn’t depend on a person, institution or other third-party intermediary. Many people associate smart contracts with cryptocurrency platforms, where
Romanian cybersecurity firm Safetech launched its official presence in the UK on May 23, 2023, underscoring the recent growth of the UK’s cybersecurity sector. Plans to build a security operations center (SOC) at the Plexal Innovation Hub based in London were announced during the company’s launch event. Anca Stancu, co-founder and managing partner of Safetech
by Paul Ducklin A PYTHON PERSPECTIVE VORTEX No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our
Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware,
OpenAI has expanded the availability of its ChatGPT app for iOS users in India and 32 other countries — just a week after its launching it in the U.S. The list of new countries include Algeria, Argentina, Azerbaijan, Bolivia, Brazil, Canada, Chile, Costa Rica, Ecuador, Estonia, Ghana, India, Iraq, Israel, Japan, Jordan, Kazakhstan, Kuwait, Lebanon,
South Korea’s economic model has for decades leaned on export-led manufacturing operated by family-owned corporate giants. A 2015 report from McKinsey outlined how the country would need small companies to drive an innovative model in preparation for the next phase of economic growth. “The key to fostering such innovation is a vibrant startup community. …
Small and medium-sized businesses (SMBs) are increasingly being targeted by advanced persistent threat (APT) actors globally, Proofpoint has found. In a new report published on May 24, 2023, the Proofpoint research team saw that state-aligned threat actors from Russia, Iran and North Korea were specifically targeting SMBs across the world in in phishing attacks conducted
by Paul Ducklin It’s taken more than five years for justice to be served in this case, but the cops and the courts got there in the end. The UK law enforcement office SEROCU, short for South East Regional Organised Crime Unit, this week reported the peculiar tale of one Ashley Liles, the literal Man
May 25, 2023Ravie LakshmananFinancial Security / Cyber Threat A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. “The attackers can steal credentials and exfiltrate users’ data and personal information, which can be leveraged for malicious activities beyond financial gain,”
ChatGPT, OpenAI’s text-generating AI chatbot, has taken the world by storm. It’s able to write essays, code and more given short text prompts, hyper-charging productivity. But it also has a more…nefarious side. In any case, AI tools are not going away — and indeed has expanded dramatically since its launch just a few months ago.
Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business Approximately one in seven people in Europe and the United States are self-employed, often realizing their dream to be in charge of their own destiny and having more freedom and control over their careers. But
Q1 2023 marks the first quarter Jumia’s new management implemented its strategy after riding out the blueprint of previous management in Q4 2022. The result? Jumia saw its losses decrease significantly: adjusted EBITDA loss dropped 51% year-over-year to $27 million, on track to meet the company’s end-of-year target of $100-120 million in adjusted losses. Similarly,