Security News
According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware against very specific entities. The researchers say that the hackers delivered their commands to Dolphin by uploading them on Google Drive.
Security researchers found a previously unknown backdoor they call Dophin that's been used by North Korean hackers in highly targeted operations for more than a year to steal files and send them to Google Drive storage. According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware against very specific entities.
The PCI Security Standards Council published a new standard designed to support the evolution of mobile payment acceptance solutions. PCI Mobile Payments on COTS builds on the existing PCI Software-based PIN Entry on COTS and PCI Contactless Payments on COTS Standards, which individually address security requirements for solutions that enable merchants to accept cardholder PINs or contactless payments using a smartphone or other commercial off-the-shelf mobile device.
Experian and T-Mobile have reached separate settlements with 40 US states following a pair of data breaches in 2012 and 2015. Experian will be bearing the largest brunt of the fine, with $14 million coming from the credit reporting company.
As phishing attacks soar in frequency and sophistication and are delivered by an entirely new breed of cybercriminals, it's time we utilize the latest technology to anticipate threats before they advance. Smartphones have become increasingly targeted by hacking attempts - especially since the pandemic, with total phishing attacks in the second quarter of 2022 rising to over 1 million.
According to a new report, almost half of Android-based mobile phones used by U.S. state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities that can be leveraged for attacks. The report additionally warns of a rise in all threat metrics, including attempted phishing attacks against government employees, reliance on unmanaged mobile devices, and liability points in mission-critical networks.
Mobile Ecosystem Forum CEO talks privacy, security and the future of the mobile industry. TechRepublic spoke with the CEO of MEF, Dario Betti, to understand the growing mobile privacy and security issues, new regulations and their impacts, the passwordless future, and opportunities for the near future.
Cloudflare shows flair with new products for mobile and IoT security. Cloudflare holds the view that while corporate organizations have made moves to deploy zero-trust security solutions at the software level of their desktops, mobile devices have not received similar attention.
A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. It's worth noting that a part of the campaign was recently disclosed by researchers from the MalwareHunterTeam and Cyble, in which a book written by the exiled Uyghur leader Dolkun Isa was used as a lure to deliver the malware.
Massive amounts of private data - including more than 300,000 biometric digital fingerprints used by five mobile banking apps - have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers. In all, 77 percent of these apps contained valid AWS access tokens that allowed access to private AWS cloud services, the intelligence team noted in research published today.