Security News

Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. Microsoft said the campaign, observed since at least late May 2023, affected less than 40 organizations globally spanning government, non-government organizations, IT services, technology, discrete manufacturing, and media sectors.

Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. The Android spyware is suspected to be a variant of "Coverlm," which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned. Yesterday, the Have I Been Pwned data breach notification service announced that visitors can check if their information was exposed in a data breach of the Breached cybercrime forum.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Three Android apps on Google Play were used by state-sponsored threat actors to collect intelligence from targeted devices, such as location data and contact lists. The malicious Android apps were discovered by Cyfirma, who attributed the operation with medium confidence to the Indian hacking group "DoNot," also tracked as APT-C-35, which has targeted high-profile organizations in Southeast Asia since at least 2018.

Microsoft announced today that users would also be able to communicate with Bing Chat, the AI-powered chat-based version of its Bing search engine, via voice commands. "We know many of you love using voice input for chat on Mobile. It's now also available on desktop by clicking on the microphone icon in the Bing Chat box," the Bing Team said.

The Vivaldi Browser is now spoofing Microsoft Edge on Android devices starting today to bypass browser restrictions Microsoft placed in Bing Chat. Since Microsoft released its Bing Chat, they have restricted it so users can only use it on the Microsoft Edge Browser.

Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. By tapping on a one-to-one or group conversation, users can easily enable Chat Lock and choose between password or biometric authentication options.

Chat Lock will create a new folder that can be locked with a password or biometric methods like a fingerprint. "Locking a chat takes that thread out of your inbox and puts it behind its own folder that can only be accessed with your device's password or biometric, like a fingerprint," WhatsApp said today.

European police arrested three people in Belgrade described as "The biggest" drug lords in the Balkans in what cops are chalking up to another win in dismantling Sky ECC's encrypted messaging app last year. Sky ECC was a subscription-based, end-to-end encrypted messaging app made by Sky Global and bundled on Google, Apple, Nokia, and BlackBerry handsets stripped of their GPS units, cameras, and microphones - the idea being that you could chat via text with other users without fear of being snooped on by the cops and others.