brangberg – Page 1147

New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages.
Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels

New Chrome Features Protect Users Against Threats, Provide More Control Over Personal Data

Google is rolling out new features in Chrome to better protect users online and to improve their control over personal data.

The post New Chrome Features Protect Users Against Threats, Provide More Control Over Personal Data appeared first on SecurityWeek.

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user.
The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0
“An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to

Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI

Operant AI, a startup specializing in runtime protection for cloud applications, APIs, and AI systems, secures new $10 million investment.

The post Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI appeared first on SecurityWeek.

Transport for London confirms customer data stolen in cyberattack

Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses. […]

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. […]

Realm.Security Emerges From Stealth With $5 Million in Seed Funding

Realm.Security has emerged from stealth with $5 million in funding and a solution that helps organizations manage security data.

The post Realm.Security Emerges From Stealth With $5 Million in Seed Funding appeared first on SecurityWeek.

Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void).
“It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software,” Russian antivirus

Evasion Tactics Used By Cybercriminals To Fly Under The Radar

Relentless in their methods, attackers will continue employing evasion tactics to circumvent traditional security measures.

The post Evasion Tactics Used By Cybercriminals To Fly Under The Radar appeared first on SecurityWeek.

Palo Alto Networks Patches Dozens of Vulnerabilities

Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser.

The post Palo Alto Networks Patches Dozens of Vulnerabilities appeared first on SecurityWeek.

Author: brangberg