Security News
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian.
The Internal Revenue Service warned Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks. Such scam texts redirect U.S. taxpayers to phishing landing pages designed to collect sensitive information using various baits.
American Airlines says its Cyber Security Response Team found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account. The investigation also revealed the attacker accessed multiple employees' accounts and used them to send more phishing emails to targets American has not yet disclosed.
American Airlines says its Cyber Security Response Team found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account. The investigation also revealed the attacker accessed multiple employees' accounts and used them to send more phishing emails to targets American has not yet disclosed.
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. American Airlines discovered the breach on July 5th, immediately secured the impacted email accounts, and hired a cybersecurity forensic firm to investigate the security incident.
Three former US government cyber-spies who, among other things, illicitly compromised and snooped on Americans' devices for the United Arab Emirates government have been banned from participating in international arms exports under a deal reached with Uncle Sam. Per the terms of the agreements, Ryan Adams [PDF], Marc Baier [PDF] and Daniel Gericke [PDF], all three former NSA operatives, will be "Debarred," meaning they are prohibited from participating in any activities regulated under the International Traffic in Arms Regulations for three years.
The CIA illegally spied on US citizens while they visited WikiLeaks publisher Julian Assange inside the Ecuadorian embassy in London, a lawsuit filed today has claimed. A legal complaint [PDF], filed in New York City on behalf of four attorneys and journalists, accuses the spy agency of spying on the American citizens without their knowledge or consent in violation of their Fourth Amendment rights while they met Assange at the embassy.
The Federal Communications Commission warned Americans of an increasing wave of SMS phishing attacks attempting to steal their personal information and money. "The FCC tracks consumer complaints - rather than call or text volume - and complaints about unwanted text messages have risen steadily in recent years from approximately 5,700 in 2019, 14,000 in 2020, 15,300 in 2021, to 8,500 through June 30, 2022," the US communications watchdog's Robocall Response Team said [PDF].
Cybersecurity researchers have taken the wraps off what they call a "Nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.
US law enforcement has shut down another dark web market, seizing and dismantling SSNDOB, a site dealing in stolen personal information. Prior to the takedown, SSNDOB reportedly had 24 million individuals' records available for purchase, which it regularly advertised on dark web forums.