Blog – Page 1069 – Cyber Mike

Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information

A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs.
The attack, codenamed CrossBarking, could have made it possible to conduct actions such as capturing screenshots, modifying browser settings, and account hijacking, Guardio Labs said.
To demonstrate the issue, the company said it managed to publish a

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta’s advertising platform and hijacked Facebook accounts to distribute information known as SYS01stealer.
“The hackers behind the campaign use trusted brands to expand their reach,” Bitdefender Labs said in a report shared with The Hacker News.
“The malvertising campaign leverages nearly a hundred malicious

FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities

The FakeCall Android banking trojan now employs advanced evasion tactics and expanded surveillance capabilities, posing heightened risks for banks and enterprises.

The post FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities appeared first on SecurityWeek.

Colorado Accidentally Put Voting System Passwords Online, but Officials Say Election Is Secure

Voting system passwords were mistakenly put on the Colorado Secretary of State’s website for several months before being spotted and taken down.

The post Colorado Accidentally Put Voting System Passwords Online, but Officials Say Election Is Secure appeared first on SecurityWeek.

WhiteRabbitNeo: High-Powered Potential of Uncensored AI Pentesting for Attackers and Defenders

Version 2.5 of WhiteRabbitNeo is designed to think like a seasoned red team expert, capable of identifying and exploiting vulnerabilities with remarkable speed and precision.

The post WhiteRabbitNeo: High-Powered Potential of Uncensored AI Pentesting for Attackers and Defenders appeared first on SecurityWeek.

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims’ crypto wallets.
The package, named “CryptoAITools,” is said to have been distributed via both Python Package Index (PyPI) and bogus GitHub repositories. It was downloaded over 1,300

Back to the Future, Securing Generative AI

While there are similar security challenges that parallel traditional security, we must understand that AI requires new ways to approach security.

The post Back to the Future, Securing Generative AI appeared first on SecurityWeek.

Recent Version of LightSpy iOS Malware Packs Destructive Capabilities

A newer version of the LightSpy malware for iOS includes over a dozen new plugins, many with destructive capabilities.

The post Recent Version of LightSpy iOS Malware Packs Destructive Capabilities appeared first on SecurityWeek.

Embarking on a Compliance Journey? Here’s How Intruder Can Help

Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting.
Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks demand, making your compliance journey much smoother.
Read on to understand how to meet the requirements of each framework to keep your customer data safe.
How Intruder

Google Patches Critical Chrome Vulnerability Reported by Apple

Google has patched CVE-2024-10487, a critical Chrome vulnerability, and Mozilla has patched high-severity flaws in Firefox.

The post Google Patches Critical Chrome Vulnerability Reported by Apple appeared first on SecurityWeek.

Cyber News