Attackers often use social networks in malvertising and spam campaigns to extort significant financial gains. A newly discovered malware campaign is abusing Facebook and YouTube accounts and using the compromised devices to mine for cryptocurrency.
Stanford University has recently reported a security incident involving a data breach. The incident, which occurred between December 2022 and January 2023, involved the unauthorized download of files containing sensitive admission information for the Economics Ph.D. program from the university’s website.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
Threat actors are distributing a sophisticated infostealer, known as DarkCloud Stealer, in various spam campaigns. The malware operates through a multi-stage process and is capable of collecting sensitive information from a victim’s computer or mobile device.
A sophisticated botnet known as MyloBot, which emerged in 2017, has been infecting more than 50,000 unique systems every day, revealed security experts. The most infected computers are located in India, the U.S., Indonesia, and Iran.
Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor (AP), it's just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular communications and multimedia processing.
“CISOs are on the defense, with the only possible outcomes that they don’t get hacked or they do. The psychological impact of this directly affects decision quality and the performance of cybersecurity leaders and their teams,” Gopal added.