Security News > 2024 > March

The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security was behind a breach of the country's parliament disclosed in March 2021. As Finnish Parliament officials said three years ago, when describing the incident as a "State cyber-espionage operation" believed to be linked to "The so-called APT31 operation," the attackers gained access to multiple parliament email accounts, including some belonging to Finnish MPs. On Monday, the U.S. Treasury Department's Office of Foreign Assets Control sanctioned two APT31 operatives who worked as contractors for Wuhan XRZ, an OFAC-designated front company used by the Chinese MSS as cover in U.S. critical infrastructure attacks.

Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into anonymous cyberattack tools. GEOBOX is sold on Telegram channels for a subscription of $80 per month or $700 for a lifetime license, payable in cryptocurrency.

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities. According to the German Federal Office for Information Security, around 45,000 Microsoft Exchange servers in Germany have Outlook Web Access enabled and are accessible from the Internet.

Ray is an open-source framework developed by Anyscale that is used to scale AI and Python applications across a cluster of machines for distributed computational workloads. In November 2023, Anyscale disclosed five Ray vulnerabilities, fixing four tracked as CVE-2023-6019, CVE-2023-6020, CVE-2023-6021, and CVE-2023-48023.

Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app named "Oko VPN." The researchers later found the same library used by the LumiApps Android app monetization service.

It's essential that cybersecurity professionals understand the risks associated with brute force attacks. Read this guide from TechRepublic Premium to find out what you need to know about this classic form of cybersecurity attack, how safe you may be and how to defend your systems against brute force attacks.

A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office routers and IoT devices in 88 countries. Black Lotus Labs researchers monitoring the latest TheMoon campaign, which started in early March 2024, have observed 6,000 ASUS routers being targeted in under 72 hours.

Authenticator apps help individuals and organizations double-check user identity by using two-factor or multi-factor authentication to verify and authenticate user identities before granting access to them. In this article, we will review the best authenticator apps in 2024 and explore their features, pricing and pros and cons to help you decide the right authenticator app for your business.