Security News > 2024 > July

Europol published a position paper today highlighting its concerns around SMS home routing - the technology that allows telcos to continue offering their services when customers visit another country. According to the cops, they pointed out that when roaming, a suspect in a criminal case who's using a SIM from another country will have all of their mobile communications processed through their home network.

Over the past six months, there has been a notable surge in Android financial threats - malware targeting victims' mobile banking funds, whether in the form of 'traditional' banking malware or, more recently, cryptostealers, according to ESET. Vidar infostealer targets Windows users. Infostealing malware can now be found impersonating generative AI tools, and new mobile malware GoldPickaxe is capable of stealing facial recognition data to create deepfake videos used by the malware's operators to authenticate fraudulent financial transactions.

The explosion of Internet of Things devices has brought about a wide range of security and privacy challenges, according to Bitdefender and NETGEAR. The report is based on global telemetry of 3.8 million homes and 50 million IoT devices that generated 9.1 billion security events over the course of 12 months. Vulnerabilities in IoT frameworks, like those found in the ThroughTek Kalay platform, expose millions of users to potential privacy breaches.

The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are...

As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyberattacks, with SaaS applications (31%), cloud storage...

Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its...

78% of organizations are tracking AI as an emerging risk while simultaneously adopting the technology themselves, according to AuditBoard. The report, based on a survey of over 400 security professionals in the US involved in their organization's approach to cybersecurity and digital risk, reveals organizations are making significant strides in digital risk management compared to previous years.

A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. Ethereum disclosed the incident in a blog post this week and said that it had no material impact on users.

Improved cyber hygiene among businesses has led to a reduction in cyber insurance premiums by 15% worldwide over the last two years, a new report from Howden Insurance Brokers has found. "Sarah Neild, head of cyber retail U.K. at Howden, explained why the cost of cyber insurance has declined. She told TechRepublic in an email,"Increased risk awareness off the back of persistent and high-profile attacks is one reason.

Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software. The researchers say that during the attacks the hackers collect information about the system, install backdoors and various other types of malware.