Security News > 2022

Vulnerability researchers have found security issues in a GPS tracker that is advertised as being present in about 1.5 million vehicles in 169 countries. MiCODUS GPS trackers are used by the state-owned Ukrainian transportation agency, so Russian hackers could target them to determine supply routes, troop movements, or patrol routes, researchers at cybersecurity company BitSight say in a report today.

The Minister for Foreign Affairs of Belgium says multiple Chinese state-backed threat groups targeted the country's defense and interior ministries. "Belgium assesses these malicious cyber activities to have been undertaken by Chinese Advanced Persistent Threats."

We forensically confirmed that at least 30 individuals were infected with NSO Group's Pegasus spyware. A sample of the victims was independently analyzed by Amnesty International's Security Lab which confirms the methodology used to determine Pegasus infections.

SSH is a tool I use every single day to log into remote Linux servers and take care of my admin tasks. Here are my five most straightforward tips for securing SSH on your Linux machines.

Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms. Recently, Recorded Future's threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS. As a result, 50,000 payment cards were stolen and have already been offered for sale on various marketplaces on the dark web.

Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms. Recently, Recorded Future's threat detection tools identified two Magecart campaigns injecting malicious code into the online ordering portals of MenuDrive, Harbortouch, and InTouchPOS. As a result, 50,000 payment cards were stolen and have already been offered for sale on various marketplaces on the dark web.

A security researcher has found a new way to steal data from air-gapped systems by using serial ATA cables present inside most computers as a wireless antenna that sends out data via radio signals. The researcher found that SATA cables in computers can deliver over a radio channel between 5.9995 and 5.9996 GHz electromagnetic signals that correspond to specific characters.

LinkedIn and Microsoft are the most impersonated brands in phishing attacks. LinkedIn and Microsoft took top spots as the most exploited brands in phishing attacks last quarter, Check Point Research reported on Tuesday.

More organizations now seek ways to leverage the power of cyber fusion centers to give them deeper visibility into the threat landscape and help them with swift solutions to security issues. Cyber fusion centers are unified and advanced security operations centers that enhance and improve enterprise security by devising a holistic approach to threat detection, hunting, response and threat intelligence.

State-backed hackers part of Russia's Federation Foreign Intelligence Service have started using Google Drive legitimate cloud storage service to evade detection. "We have discovered that their two most recent campaigns leveraged Google Drive cloud storage services for the first time," Unit 42 analysts who spotted the new trend said.