Security News > 2024 > February
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever,...
Group-IB uncovered a new iOS trojan designed to steal users' facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe. iOS trojan targets victims in the Asia-Pacific region.
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called...
Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security. The security group's Q4 2024 Threat Insights Report finds criminals have adopted ad tech tools to make their social engineering attacks more effective.
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.
The European Court of Human Rights has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights - a decision that may derail European data surveillance legislation known as Chat Control. The Court issued a decision on Tuesday stating that "The contested legislation providing for the retention of all internet communications of all users, the security services' direct access to the data stored without adequate safeguards against abuse and the requirement to decrypt encrypted communications, as applied to end-to-end encrypted communications, cannot be regarded as necessary in a democratic society."
As mentioned earlier, outsourcing AI services has become a go-to strategy for many companies hoping to leverage the power of AI without the investment in in-house development. AI systems often process large volumes of sensitive data.
Digital forensics plays a crucial role in analyzing and addressing cyberattacks, and it's a key component of incident response. Digital forensics provides vital information for auditors, legal teams, and law enforcement agencies in the aftermath of an attack.
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as...
In this Help Net Security video, Krista Macomber, Research Director at The Futurum Group, discusses how IT and security teams increasingly unite against cyber threats. Organizations are still struggling with the issue of disjointed data protection solutions, leading to not just management complexities but also challenges in cyber resilience.