Security News > 2021 > October

Though attackers mainly have been seen targeting Russian organizations, they have attacked targets in 10 countries so far, researchers said in a report by company researchers Aleksandr Grigorian, Daniil Koloskov, Denis Kuvshinov and Stanislav Rakovsky published online Thursday. ChamelGang - like Nobelium and REvil before it - has hopped on the bandwagon of attacking the supply chain first to gain access to its ultimate target, they said.

MalwareHunterTeam has spotted the two-year-old malware in a new distribution campaign that targets German users with a malicious APK named 'Commerzbank Security' and using the same icon as the official app. Cyble has found that the Hydra-laced app requests 21 permissions, most notably the 'BIND-ACCESSIBILITY PERMISSION' and 'BIND DEVICE ADMIN,' two extremely risky permissions.

It's telling me I am nearing the end of the app's free trial period and now is the time to commit to a subscription payment or lose the "Pro" features I have been "Enjoying." Although the password app is free, the German volunteer developer who wrote and maintains it always asks his users for modest donations at this time of year to coincide with Oktoberfest.

It's telling me I am nearing the end of the app's free trial period and now is the time to commit to a subscription payment or lose the "Pro" features I have been "Enjoying." Although the password app is free, the German volunteer developer who wrote and maintains it always asks his users for modest donations at this time of year to coincide with Oktoberfest.

Cybersecurity researchers have disclosed an unpatched flaw in Apple Pay that attackers could abuse to make an unauthorized Visa payment with a locked iPhone by taking advantage of the Express Travel mode set up in the device's wallet. Express Travel is a feature that allows users of iPhone and Apple Watch to make quick contactless payments for public transit without having to wake or unlock the device, open an app, or even validate with Face ID, Touch ID or a passcode.

Elastic announced expanded Limitless Extended Detection and Response capabilities across the Elastic Security solution in its 7.15 release, including new layers of prevention for Windows, macOS and Linux, and host isolation for cloud-native Linux environments. Cloudflare announces free email offerings to prevent phishing and increase security.

The integration of mobile communications, infotainment, geo-location, and emergency monitoring systems render cars as a connected device within a distributed mesh of different data services. As manufacturers increase levels of system automation on the journey to fully autonomous vehicles, the volume of data generated and consumed by our vehicles will grow exponentially, as will the complexity of the code base on which the car depends.

Egnyte's latest report, based on a survey of 400 IT executives, examines the challenges of securing and governing unstructured content in today's hybrid and remote work environments. A key finding of the research is that unchecked data growth, combined with a lack of visibility, is increasing the risk of breaches, ransomware, and compliance violations dramatically.

Their behaviors online are risky at best and are putting them at risk of cybercrime. Aura hopes to help solve this problem for consumers by providing resources, products and guidance on how to keep your identity, finances and devices safe from online threats." Many people believe they will feel about the same or even less secure in 2030 than they feel online today.

A new report by Malwarebytes, Digitunity and Cybercrime Support Network, which polled more than 5,000 people across the United States, United Kingdom, and Germany, details how people experience cybercrime worldwide, demonstrating cybercrime does not impact everyone equally. Overall analysis of data suggests disadvantaged groups facing barriers in society, such as those with lower incomes and lower education levels, feel less safe about their online experiences, are more likely to fall victim to an attack, and at times report experiencing a heavier emotional burden when responding to cyberattacks.