Security News > 2023 > October
A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices. "The malware targets more...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while...
With IoT taking over the home and office, device creators and users must take extra steps to stay cyber-safe. The availability of affordable cameras is reshaping how we interact with devices.
South Korea's National Intelligence Service has warned North Korea is attacking its shipbuilding sector. "Security recently reported that North Korea has targeted our shipbuilding companies to strengthen its naval military power," explained [PDF] the intelligence agency, via machine translation.
"Without a doubt chatbots or large language models lower the barrier for entry to cybercrime, making it possible to create well-written phishing campaigns and generate malware that less capable coders could not produce alone," said Jack Chapman, VP of Threat Intelligence, Egress. The number one phishing topic was missed voice messages, which accounted for 18.4% of phishing attacks between January to September 2023, making them the most phished topic for the year so far.
In this Help Net Security video, Peter Pezaris, Chief Strategy and Design Officer at New Relic, discusses observability adoption and how full-stack observability leads to better service-level metrics, such as fewer, shorter outages and lower outage costs. 32% of respondents to a recent New Relic survey said critical business app outages cost more than $500K per hour of downtime.
Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel...
New cybersecurity findings pinpoint areas where cybersecurity experts are lacking, with interpersonal skills, cloud computing, and security measures standing out as the most prominent skill deficiencies in cybersecurity specialists, according to a new ISACA report. 56 percent of cybersecurity leaders say they have difficulty retaining qualified cybersecurity professionals, though this number is down four points from last year.
Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as...
One in eight open-source downloads today poses known and avoidable risks. Only 11% of open-source projects are 'actively maintained'.