Farmers New World Life Insurance and Farmers Group have filed separate data breach notifications with state authorities.
The post Farmers Insurance Data Breach Impacts Over 1 Million People appeared first on SecurityWeek.
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia’s Federal Security Services agency (FSB) is being used to target executives of Russian businesses. […]
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko
FTC warns tech giants not to bow to foreign pressure on encryption
The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms. […]
Microsoft working on fix for ongoing Outlook email issues
Microsoft is working to resolve an Exchange Online issue causing email access problems for Outlook mobile users who use Hybrid Modern Authentication (HMA). […]
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.
The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
Murky Panda hackers exploit cloud trust to hack downstream customers
A Chinese state-sponsored hacking group known as Murky Panda (Silk Typhoon) exploits trusted relationships in cloud environments to gain initial access to the networks and data of downstream customers. […]
APT36 hackers abuse Linux .desktop files to install malware
The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. […]
Large Interpol Cybercrime Crackdown in Africa Leads to the Arrest of Over 1,200 Suspects
Dubbed Operation Serengeti 2.0, the operation took place between June and August.
The post Large Interpol Cybercrime Crackdown in Africa Leads to the Arrest of Over 1,200 Suspects appeared first on SecurityWeek.
Fake Mac fixes trick users into installing new Shamos infostealer
A new infostealer malware targeting Mac devices, called ‘Shamos,’ is targeting Mac devices in ClickFix attacks that impersonate troubleshooting guides and fixes. […]