On Tuesday, GoTo (formerly LogMeIn), the parent company of LastPass, announced that an unknown party had successfully accessed encrypted backups of certain customers’ data, along with the encryption key for some of these backups, in a November 2022 incident. The company has identified that a third-party cloud storage service was targeted, whi...
Two security vulnerabilities have been identified in the Samsung Galaxy Store application for Android devices that could potentially be exploited by a local attacker to install arbitrary applications or redirect potential victims to fraudulent web pages. The vulnerabilities, designated as CVE-2023-21433 and CVE-2023-21434, were discovered by NCC Gr...
Researchers have successfully dismantled an extensive ad fraud scheme, known as VASTFLUX, that affected over 1,700 applications from 120 publishers and impacted around 11 million devices. According to fraud prevention firm HUMAN, VASTFLUX was a malvertising attack that injected malicious JavaScript code into digital ad creatives, allowing the fraud...
According to a report by the BlackBerry Research and Intelligence Team, the Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital attacks against Ukraine, utilizing the popular messaging app Telegram to target the country’s military and law enforcement sectors. The group, also known by various other names ...
An individual going by the name of Lolip0p has uploaded three malicious packages to the Python Package Index (PyPI) repository, which are designed to install malware on developer systems that download them. The packages, named color slab (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version 4.6.12), were uploaded...
On Friday, DevOps platform CircleCI announced that it had experienced a data breach as a result of a “sophisticated attack” on December 16, 2022. The incident involved an employee’s laptop being compromised by unknown actors, who then used malware to steal the employee’s two-factor authentication-backed credentials to gain a...
A significant portion of internet-exposed Cacti servers remain unpatched against a recently discovered critical security vulnerability that has been actively exploited in the wild, according to attack surface management platform Censys. Out of a total of 6,427 servers, only 26 were found to be running a patched version of Cacti (1.2.23 and 1.3.0). ...
A recent surge in attacks utilizing the Gootkit malware loader has targeted the Australian healthcare sector, according to cybersecurity firm Trend Micro. The malware, also known as Gootloader, is known for using search engine optimization (SEO) poisoning tactics to gain initial access. It typically works by compromising legitimate infrastructure a...
A previously unknown actor of an “advanced persistent threat” (APT) is targeting government and military organizations in the Asia-Pacific region, according to a report from Singapore-based cybersecurity firm Group-IB.The group, which is tracking the campaign under the name “Dark Pink,” has attributed seven successful attack...
As of 2023, it is important for SaaS companies to be aware of the potential cybersecurity threats that may arise. In order to ensure the safety of your systems and data, it is crucial to focus on the following four key areas: web application weaknesses, misconfiguration mistakes, vulnerable software and patching, and weak internal security...