Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early…

Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to empty…

The study released Monday by the security firm Emsisoft said ransomware attacks — which encrypt and disable computer systems while demanding a ransom — affected 113 federal, state and municipal governments, 560 health facilities and 1,681 schools, colleges and universities last year. “The attacks caused significant, and sometimes life-threatening, disruption: ambulances carrying emergency patients had…

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. Then, on Tuesday, Malwarebytes CEO…

A software-defined wide area network is a type of computer network that allows the bounding of multiple internet access resources, such as cables, digital subscriber lines (DSL), and cellular or any other IP transport to provide high throughput data channels. WAN solutions improve application performance, reducing costs, increasing agility, and addressing various IT challenges. Enterprises…

While 91% of organizations were successful in increasing security as a result of adopting cloud services, it remains a top concern for many, a part two of an Aptum study reveals. The report identifies common security, compliance and governance challenges impacting organizations undergoing cloud transformation. The research reveals that 51% of survey respondents see security…

Taking advantage of the COVID-19 pandemic, which has forced the broad adoption of telework, cyber-criminals and threat actors are attempting to exploit possible misconfiguration and lack of monitoring for remote network access and user privileges. An observed shift in tactics, the FBI says, is the targeting of all employee credentials, not exclusively of those individuals…

WhatsApp has been in the news recently after changes to its privacy policy caused a surge of interest in rival messaging app Signal. Initial reports may have worried a lot of folks, leading to inevitable clarifications and corrections. But what, you may ask, actually happened? Is there a problem? Are you at risk? Or should…

The automated scam service has been named Classiscam by Group-IB and it’s meant to help cybercriminals steal money and payment data from unsuspecting victims, through the use of fake pages mimicking those of legitimate classifieds, marketplaces and delivery services. The Classiscam scheme is powered by Telegram chatbots, which generate a complete phishing kit, including courier…

In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek permanent injunction against the two for violation of the social media platform’s terms of service and Portugal’s Database Protection Law. The social media giant says that the two created browser extensions that they made available for download through the Chrome Web Store. The…